Security Operations Manager

Our vision is to give everyone the belief they can make their move. We aim to make moving simpler, by giving everyone the best place to turn to and return to for access to the tools, expertise, trust, and belief to make it happen. We’re home to the UK’s largest choice of properties and are the go-to destination for millions of people planning their next move, reading the latest industry news, or just browsing what’s on the market.

The role will involve working across a range of areas to support the information security needs of a busy, high-profile website, as well as an administrative IT environment that supports nearly 1,000 people across 3 office locations with many remote workers. As well as working closely with the other members of the Information Security team, the role will also require extensive engagement across other teams across Rightmove (including IT, Engineering etc.) to ensure security objectives are being met, incidents are being responded to effectively, and our security stance remains strong.

What You’ll Be Doing

• Providing technical leadership and acting as a subject matter expert on information security best-practice.
• Planning and delivering projects to achieve our information security objectives.
• Collaborating with the IT Infrastructure team on the security elements of migrating Windows estate into Azure.
• Advising our website platforms teams on security considerations impacting our website hosting environment in Google Cloud Platform & GKE.
• Working with team members and service providers on SIEM and XDR tooling and establishing processes and playbooks to support incident response and SOC activities.
• Playing a leading role in managing incident response activities and engaging with third party DFIR specialists where necessary.
• Leading threat hunts to proactively discover potential compromises before they lead to bad security outcomes.
• Working with team members and external partners on penetration tests and red team engagements to assess our security posture, along with our detection and recovery capabilities.
• Helping to evaluate our response to regulatory/legislative requirements and recommending improvement actions where necessary (e.g. FCA compliance, ISO27001, PCI-DSS, GDPR etc).
• Keeping up to date with cyber threat intelligence and emerging attack vectors, always evaluating the materiality of the threat to Rightmove and helping shape our response.
• Coaching and developing your people, with regular 1-to-1s and continuous feedback.
• Supporting your team members by actively removing blockers.

We’re Looking For Someone Who

• Has a passion for Information Security and understands how this is embedded into an organisation.
• Can manage their own workload, making decisions on what tasks need to be prioritised.
• Is confident to communicate and collaborate with internal and external stakeholders, either individually or in group settings, and across a variety of levels of seniority and technical understanding.
• Can reach decisions, even if they are difficult, and is able to provide a clear explanation of the rationale and approach taken.
• Can be trusted to keep confidences, and displays a high level of professional integrity.
• Follows through on commitments and can be relied upon to get things done.
• Is proactive, hands-on and wants to make things better.

What You’ll Bring To The Role

• Minimum of five years working in a technical security-based role.
• A high-level Security qualification such as a CISSP, SANS Cyber Defence, EC-Council Certified Security Analyst, OSCP etc.
• Professional experience in three or more of the following areas (and a willingness to learn about the others): Securing Windows, Active Directory and M365 environments, Linux security, Container security, Cloud security (ideally in GCP and / or Azure environments), Microsoft 365 security (including Defender, Purview etc.), SIEM, SOAR and EDR / XDR systems, Incident Response.
• Strong understanding of networking principles including TCP/IP, DNS etc. and commonly used Internet protocols such as SMTP, HTTP etc.
• Experience working in IT security in a cloud hosted environment.
• Good data processing skills – experience with Google SecOps, ELK, Splunk or similar would be beneficial.
• Report writing and note taking skills.
• Ability to prioritize both operational and project demands.
• Line management experience.
• Ability to handle high pressure situations in a productive and professional manner.

About Rightmove

We believe in careers that open doors and help our team develop by providing an open and inclusive work environment, offering ongoing training opportunities, and supporting charity fundraising events. And with 88% of Rightmovers saying we’re a great place to work, we’re clearly doing something right!

What We Offer

• Cash plan for dental, optical and physio treatments.
• Private Medical Insurance, Pension and Life Insurance, Employee Assistance Plan.
• 27 days holiday plus two (paid) volunteering days a year to give back, and holiday buy schemes.
• Hybrid working pattern with 2 days in the office.
• Contributory stakeholder pension.
• Life assurance at 4x your basic salary to a spouse, family member or other nominated person in your life.
• Competitive compensation package.
• Paid leave for maternity, paternity, adoption & fertility.
• Travel Loans, Bike to Work scheme, Rental Deposit Loan.
• Charitable contributions through Payroll Giving and donation matching.
• Access deals and discounts on things like travel, electronics, fashion, gym memberships, cinema discounts and more.

As an Equal Opportunity Employer, Rightmove will never discriminate based on age, disability, sex, race, religion or belief, gender reassignment, marriage / civil partnership, pregnancy/maternity or sexual orientation. At Rightmove, we believe that a diverse and inclusive workforce leads to better innovation, productivity, and overall success. We are committed to creating a welcoming and inclusive environment for all employees, regardless of their background or identity, to develop and promote a diverse culture that reflects the communities we serve.