Head of Security Operations

Job Description

We\’re now recruiting a Head of Security Operations to support the Chief Information Security Officer in managing and reporting the Information Security Risks faced by Technology Services (TS) in delivering AJ Bell’s systems and services. Key to this is maintaining the confidentiality, integrity and availability of the data that resides upon those systems. The Head of Security Operations is responsible for ensuring alignment between AJ Bell’s business goals and our ability to proactively identify and respond to security incidents, underpinned by an ability to translate cyber risk in to business risk and vice versa.

This role will be responsible for the leadership and management of the team delivering ongoing proactive cyber defence and response to security threats targeting AJ Bell systems and information. The Security Operations Team is the first point of contact for security queries, as such the role holder is expected to be a leader in developing a security first culture providing effective guidance to staff at all levels.

About the role

• Ensuring AJ Bell has the appropriate capability to detect and respond to security events and incidents.
• In partnership with the 3rd party managed service provider, ensure that AJ Bell maintains 24×7 operational security coverage.
• Proactively drive efficiency improvements via the use of automation and AI in security operations processes.
• Own and develop AJ Bell’s incident response framework and playbooks, including undertaking regular training and testing (including table top exercises) up to and including executive level.
• Develop and maintain AJ Bell’s threat intelligence capabilities to enable effective response to the evolving threat landscape, delivering and disseminating actionable intelligence to operations teams and key stakeholders.
• Ensure operational processes for managing AJ Bell’s supply chain risk are effective.
• Own the end-to-end vulnerability management process, including penetration testing, mitigation assessment and remediation tracking.
• Effectively communicate the security posture of AJ Bell with the development and delivery of regular MI and reporting, where gaps are identified work with the security engineering team to provide clear requirements for security solutions.
• Manage the operational security vendor relationships, overseeing regular performance reviews and commercial management.
• Manage and oversee the development of a team of security analysts responsible for maintaining BaU security operations and act as an escalation point for day-to-day security issues identified by colleagues.
• Identify the future needs of the business with respect to the security operations function and develop AJ Bell’s capability accordingly.
• Foster an environment of continuous improvement to grow and develop AJ Bell’s security capability by establishing repeatable, managed and measured processes.

About you

• Expert understanding and knowledge of Information Security risk management tools and techniques
• Extensive experience of Information Security standards and frameworks
• Awareness and understanding of the Information Security threat landscape
• Knowledge of security investigations best practice including the use of Microsoft Purview and computer forensics an advantage.
• Experience of utilising and monitoring Information Security solutions e.g. email / web gateways, SIEM, Endpoint protection etc.
• Strong awareness of Cloud services and supporting security solutions & standards.
• Good understanding of cloud native and devops practices including pipelines and associated processes
• Hands on experience of managing and configuring systems including Microsoft Active Directory, Windows and Linux in an enterprise environment is highly advantageous
• Hands on experience with internet proxies, end point security tools and data loss prevention systems also highly advantageous
• Experience working within recognised Information Security frameworks and best practices such as ISO27001, NIST etc.
• Knowledge of relevant regulatory requirements (e.g. GDPR / FCA / PRA)
• Experience in an Information Security role gained in a financial services or e-commerce environment is preferred
• Strong written communication skills, with ability to contribute to executive committee and Board level papers.
• Self-motivated, professional, tenacious and enthusiastic
• Strong ownership of tasks, attention to detail and following through to conclusion
• Ability to challenge approach, strategy and implementation to ensure Information Security is consistently considered and improved
• Ability to work under own initiative to plan and communicate effectively with colleagues and customers
• Structured, self-starting, flexible and enjoy working in fast-paced environments
• Effective communication skills, both written and verbal
• Ability to plan, organise and follow through on assigned tasks and complete with little or no prompting from management
• Ability to learn and develop new skills and take on new challenges
• Excellent attention to detail

About us

AJ Bell is one of the fastest-growing investment platform businesses in the UK offering an award-winning range of solutions that caters for everyone, from professional financial advisers to DIY investors with little to no experience. We have over 620,000 customers using our award-winning platform propositions to manage assets totalling more than £96.1 billion. Our customers trust us with their investments, and by continuously striving to make investing easier, we aim to help even more people take control of their financial futures.

Having listed on the Main Market of the London Stock Exchange in December 2018, AJ Bell is now a FTSE 250 company.

Headquartered in Manchester with offices in central London and Bristol, we now have over 1,500 employees and have been named one of the UK\’s \’Best 100 Companies to Work For’ for six consecutive years and in 2024 named a Great Place to Work®.

Our perks and benefits

• Competitive starting salary
• Starting holiday entitlement of 28 days, increasing up to 31 days with length of service and a holiday buy and sell scheme
• A choice of pension schemes with matched contributions up to 8% (Increasing with length of service)
• Discretionary bonus scheme
• Annual free share awards scheme
• Buy As You Earn (BAYE) Scheme
• Health Cash Plan – provided by SimplyHealth
• Private healthcare scheme and dental plan
• Free gym membership, with an on-site gym providing a wide range of free classes
• Employee Assistance Programme
• Bike loan scheme
• Sick pay+ pledge
• Enhanced maternity, paternity, and shared parental leave
• Discounted nursery fees at Kids Planet on Exchange Quay
• Loans for travel season tickets
• Death in service scheme
• Paid time off for volunteer work
• Charitable giving opportunities through salary sacrifice
• Calendar of social events, including monthly payday drinks, annual Christmas party, summer party and much more
• Parking at Exchange Quay (subject to availability)
• Ongoing technical training
• Professional qualification support
• Talent development programmes
• Peer recognition scheme, with rewards including restaurant and shopping vouchers or time off
• Monthly leadership breakfasts and lunches

Hybrid working

At AJ Bell, our people are the heart of our culture. We believe in building strong connections by working together. That\’s why we offer a hybrid working model, where you’ll spend a minimum of 50% of your working time per month in the office. For new team members, an initial period will be full-time in the office to help you immerse yourself in our business and build valuable relationships with your colleagues.

#J-18808-Ljbffr