Lead Cyber Security Operations Manager
The role of Lead Cyber Security Operations Manager is to oversee the Security Operations team responsible for designing, implementing, and evolving Canonical's security practices, techniques, tools, systems, and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure, and build processes.
* The successful candidate will be responsible for managing a high-performing Security Operations team, collaborating with the Organisational Learning and Development team to develop playbooks and facilitate SecOps training across Canonical.
* They will operate in a wider security organisation, lead initiatives to integrate the team's insights into Canonical's broader software development process, and contribute to the security of the wider open source ecosystem.
Key Responsibilities:
* Hire and mentor a team of outstanding technical security professionals.
* Define Canonical's SecOps security standards and playbooks.
* Own and drive the architecture and design of the SOC.
* Analyse and improve Canonical's security architecture.
* Evaluate, select, and implement new security tools and practices.
* Identify, contain, and guide the remediation of security threats and cyber attacks.
* Grow the presence and thought leadership of Canonical SecOps practice.
* Contribute to open source threat intelligence initiatives.
* Drive threat modelling, table top exercises, and other SecOps practices across Engineering, IS, and Canonical.
* Develop Canonical SecOps learning and development materials.
* Publish blog posts, whitepapers, and conference presentations.
* Identify, implement, and track SecOps KPIs.
* Plan and deliver SecOps work in the framework of Canonical's agile engineering practice.
* Work with Security leadership to present information and influence change.
Requirements:
* A proven track record of mitigating advanced threat actors and nation-state threats.
* Expert technical understanding of SOCs from the ground up.
* In-depth knowledge of SOC architecture and design, including strategies for logging, firewalls, network segmentation, honeypots, etc.
* Someone who understands how the SOC works, not just how to use it.
* Expertise in Linux security.
* Ability to define, implement, automate, and measure effective incident response playbooks.
* Knowledge of security architecture and market-leading security tools.
* Experience contributing to and consuming threat intelligence feeds.
* Experience in security risk management frameworks such as NIST CSF.
* An exceptional academic track record from both high school and university.
* Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path.
* Drive and a track record of going above-and-beyond expectations.
* Deep personal motivation to be at the forefront of technology security.
* Leadership and management ability.
* Excellent business English writing and presentation skills.
* Confidence to report security performance metrics with accountability for accuracy and completeness.
Optional:
* Experience in offensive or defensive security teams with hands-on ability.
* Experience with open source security tools.
* Experience with security standards such as ISO 27001.
* Experience with security posture management of corporate endpoints.