Defence Automation Manager, West Drayton
Client: IAG GBS
Location: West Drayton, United Kingdom
Job Category: Other
EU work permit required: Yes
Job Reference: 1c9810ec849d
Job Views: 4
Posted: 27.05.2025
Expiry Date: 11.07.2025
Job Description:
This is a high-impact greenfield role ideal for a strategic and hands-on cybersecurity professional. As an individual contributor, you will be responsible for defining and implementing the end-to-end operating model for collaboration between the central Security Operations Centre (SOC) and supporting functions. You will formulate all core processes, define areas of handover with the core SOC, and establish the technology stack and deliverables necessary to enable scalable and effective security operations.
A key early responsibility will be contributing to the selection and onboarding of a new Managed Security Services Provider (MSSP). You will work closely with the chosen vendor to define operational procedures, service delivery models, KPIs, and SLAs. Building a strong, collaborative relationship with the MSSP will be a critical short-term goal.
In the longer term, this role will take ownership of developing the business case for building and strengthening internal capabilities, laying the foundation for a future in-house team and transitioning key functions where strategically appropriate. You will also be expected to build trusted relationships with external stakeholders across operating companies to ensure SOC services are aligned with business risk and operational priorities.
Responsibilities include:
- Automation of SOC Processes: Design and implement automation solutions to streamline tasks such as alert triaging, incident response, and reporting.
- Tool Integration: Integrate security tools (SIEM, SOAR, firewalls) to improve data flow and response coordination.
- Workflow Optimization: Enhance SOC workflows for efficiency and reduced manual effort.
- Development of Playbooks: Create automated response playbooks for security incidents.
- Collaboration with Security Teams: Work with SOC analysts and engineers to identify automation opportunities and provide solutions.
- Monitoring and Maintenance: Ensure continuous operation of automation tools and resolve issues.
- Continuous Improvement: Regularly review and update automation scripts and processes.
- Documentation: Maintain detailed documentation of workflows and configurations.
Qualifications:
- Bachelor's degree in Cybersecurity, Computer Science, IT, or related field (or equivalent experience).
- Certifications: CISSP, GCIH, GCSA, Splunk Certified Automation Consultant, or relevant SOAR certifications.
- Experience with automation tools (e.g., SOAR platforms, Ansible, Phantom).
- Proficiency in scripting languages (Python, PowerShell, Bash).
- Strong understanding of SOC processes, incident response, threat detection.
- Experience with SIEM platforms (Splunk, QRadar, ArcSight).
- Knowledge of security frameworks (NIST, MITRE ATT&CK).
- 3-5 years of experience in SOC or cybersecurity roles.
- Hands-on experience with automation tools and scripting for automation.
- Experience integrating security tools and developing automated workflows.
- Strong problem-solving, analytical, collaboration, and communication skills.
Additional Information:
Benefits: Opportunities for career growth, working in a dynamic, multicultural environment, health insurance, pension, bonuses.
Diversity and Inclusion: IAG Tech values diversity, inclusion, and aims for gender balance in leadership roles, with specific targets for female representation by 2025 and 2030.
Contact Detail:
TN United Kingdom Recruiting Team