Manager Security Operations
The Manager Security Operations is responsible for overseeing the outsourced Security Operations Center delivered as a service, defining short- and long-term service improvements, establishing and maintaining the cyber security incident response plan, handling resolution of global security incidents, and creating and presenting operational and compliance reports to IT and business stakeholders.
What we ask
- Degree in Computer Science / Information Technology or its equivalent. Recognized IT security certification is preferred.
- Minimum 5 – 7 years of experience in the IT Security domain with sound technical knowledge of Microsoft solutions such as Microsoft Sentinel, Microsoft 365 Defender, Microsoft Defender for Cloud, as well as MFA, PKI, DLP, Encryption, etc.
- Solid experience in IT Service Management roles managing teams & technical experts and/or outsourced service vendors
- Professional certification in IT Security or Forensic preferred – e.g. CISM/CISSP/CEH/CFCE/CHFI/GCIH/GCFA or GCIA etc.
- You are customer focused and can act with speed and decisiveness to achieve the best results.
- You take responsibility for your work and are continuously looking for new opportunities to make a change.
- Proactive, intervenes as appropriate and able to effectively collaborate with multiple stakeholders to implement solutions that safeguard the IT systems.
- Broad knowledge of IT security and solid hands-on experience in implementing various IT security technologies.
- Familiar with the use of forensic tools and investigative methods to find specific electronic data, and equipped with technical skills
- Expertise in hacking & intrusion techniques and prior experience with security testing and system diagnostics
- Experience of working in a complex geographical/functional matrix organization
- Skills in relationship management and influencing at all levels of the organization
- Knowledge and understanding of networking (LAN/WAN) and cloud services (Azure, AWS) is preferred.
- Knowledge and application of IT security standards, security control frameworks and risk management techniques.
What we offer
FrieslandCampina offers you a place to be yourself. In an innovative work environment with facilities and support that are second to none, we welcome your skills, ideas, and passion. Most of all we welcome you as the person you are and the person you want to be. Our mission is to liberate people to work smarter.
Our reward policies support FrieslandCampina’s values and business strategy by helping to attract, engage and retain the best possible talent at every level. We offer remuneration packages that recognize and reward individual performance, experience, and potential, while reflecting competitive practices in all the countries in which we operate. A transparent, consistent, and fair approach to reward is critical to our success and growth.
1. Security Operations Management
- Service Manager of the vendor managing the outsourced Security Operations Center
- Define and monitor improvement plan for Security Operations processes, which includes:
  - Improvement of security incident detection capabilities by reduction of the false-positive rate
  - Increase in effectiveness of runbooks in case of security incidents / crisis situations
- Define & maintain roadmap for on-boarding of new log sources to SIEM solution.
- Analyze and optimize orchestration and automation & storage cost for log sources.
- Create and maintain a database of Indicators of Compromise for FrieslandCampina
- Create and maintain an operational and tactical cyber security dashboard
- Attend operational security meetings with suppliers
Results: Effective delivery of Managed Detection & Response service
2. Security Incident Management
- Responsible for the global security incident management process (governance, management / coordination of global security incidents)
- Monitor and follow up on global cyber security events and incidents.
- Align with problem management on improvement actions regarding security incidents
- Monitor the implementation of the defined security controls
- Analyze and conduct audits with regard to the implementation of security controls and their effectiveness
- Establish and maintain the cyber security incident response plan
Results: Effective cyber security incident management process
- Maintain an operational cyber security board with security stakeholders within Global IT
- Communicate changes of security baselines, principles and guidelines internally as well as to suppliers.
- Regularly communicate the updated security dashboard to stakeholders.
- Use visualizations to explain the vision, analysis of opportunities and risk, choice and consequences
Results: Security Operations Board
4. Runbooks, security baselines, principles and guidelines
- Define, review and operationalize runbooks, security baselines, principles and guidelines
- Monitor and test the effectiveness of security runbooks
Results: Security Runbooks
5. Threat and Vulnerability Management
- Work with Security Manager & Security compliance Manager within the IT Information Risk & Security (IRS) organization to set up and maintain an operational threat and vulnerability management system that adheres to the defined vulnerability and patch management standards.
- Perform regular risk assessments in alignment with IT service departments and make risks and security improvement actions actionable to the IT service owners.
- Supervise actions in case services / projects or information is at risk or when threats warrant it
- Identify trends relating to (potential) security breaches, current security risks and incidents
- Assess developments and trends for the organization and inform and advise management on these developments
Results: Effective threat and vulnerability management program
This role will report to the Global Director Information Risk & Security, handling day-to-day security operations matters including project delivery. Cyber Security is regarded as an enterprise responsibility for FrieslandCampina. Effective cyber security incident and crisis management processes within FrieslandCampina are key focus areas in the corporate cyber security strategy. FrieslandCampina Security Operations Center is fully operational (hybrid). The Manager Security Operations Officer is the primary point of contact within FrieslandCampina for detective and responsive security controls and activities in which the Security Operations Center plays a crucial role.