Security Operations Lead

Working Hours

35 hours per week, 9:30am to 5:30pm but additional hours may be required.  We are happy to consider agile and flexible working patterns and are piloting a hybrid working approach, please contact a member of the recruitment team to discuss further.  

Firm Description

Hogan Lovells is one of the leading global law firms.  Our distinctive market position is founded on our exceptional breadth of our practice, on deep industry knowledge, and on our 'one team' global approach.  Formed through the combination of two top international law firms, Hogan Lovells has over 40 offices in the Americas, Asia-Pacific, Europe, the Middle East and Africa.  With a presence in the world's major financial and commercial markets, we are well placed to provide excellent business-oriented advice to our clients locally and internationally.  Our people are the key to our success, which is why we seek to recruit and retain the most talented individuals in all regions of our global practice.

In the UK Hogan Lovells has offices in Birmingham and London.  The Birmingham office opened in 2015 and has a number of practice areas including Corporate/Commercial, Disputes, Finance and Real Estate, as well as our Legal Delivery Centre and business services departments.  The office has recently trebled in size and moved into a new fitted out space in the Colmore Building

Department Description

The Information Security department is responsible for protecting and monitoring Hogan Lovells systems and data for any improper or malicious activity. 

Role Overview

The Security Operations Lead will manage the security operations team, and our 24/7/365 Security Operations Centre.  The qualified candidate must have experience in handling medium to large scale prevention/detection capabilities, incident response, and managing the ongoing use of security solutions.

The Security Operations Lead is responsible for responding to incidents and managing cross-team coordination and communication.

Key Responsibilities / Accountabilities

• Under direction of the CISO, manage the company’s security operations to safeguard the firm network and information assets from internal and external threats

• Lead the Security Operations team and 3rd party SOC in performing prevention, detection, response, and remediation activities

• Develop strategy and roadmap for monitoring, detecting, and alerting for anomalous behaviour

• Evaluate current security operations processes and technology and create enhanced strategy, process, and technology recommendations

• Collaborate with IT engineering teams to ensure security tooling provides appropriate functionality with visibility to detect and respond to security events

• Collaborate with offensive security, threat and vulnerability teams to Integrate threat modelling into defence operations

• Develop security and compliance related documentation, policies and procedures that align with industry standards, audits, and best practices

• Assess and mitigate system security threats and risks throughout program life cycle

• Create and meet measurable targeted SLAs, generate metrics to highlight key capabilities and improvement areas

• Oversee information security incidents, coordinate response and communicate remediation efforts to all relevant stakeholders

• Determine the root cause of incidents and work with the correct groups to remediate and identify control gaps or failures

• Conduct security design review to ensure system development and automation projects adhere to security requirements

• Lead technical relationships with assigned vendors

• Ensure subordinates leverage opportunities to increase their security competence

Person Specification

Qualifications And Training

• 7+ years of security / cybersecurity technical experience

• 3+ years’ experience managing people

• In-depth knowledge of security best practices in large-scale environments

• Solid understanding of established security frameworks (ATT&CK, NIST CSF, OWASP, etc.)

• Significant knowledge of current technological trends and developments in the cybersecurity field

• Previous incident response process management for a global organization

• Strong technical background with hands-on experience with information security hardware and software tools, including Microsoft, Palo Alto,  Defender, Sentinel, Palo Alto, QRadar, Tenable, etc.

• Excellent verbal and communication skills with the ability to communicate to both highly technical and non-technical stakeholders

• Good organizational and time management skills, ability to be flexible and solve problems

• Hold one or more of the following certifications: CISSP, CISM, GCIH, GNFA, CHFI, OSCP

General Attributes

• Strong communication skills

• Ability to identify and prioritise security risk