Manager Security Operations
The Manager Security Operations is responsible for overseeing the outsourced Security Operations Center delivered as a service, defining short- and long-term service improvements, establishing and maintaining the cyber security incident response plan, handling resolution of global security incidents, and creating and presenting operational and compliance reports to IT and business stakeholders.
What we ask
- Minimum 5 – 7 years of experience in the IT security domain with sound technical knowledge of Microsoft solutions such as Microsoft Sentinel, Microsoft 365 Defender, Microsoft Defender for Cloud, as well as MFA, PKI, DLP, Encryption, etc.
- Solid experience in IT Service Management roles managing teams & technical experts and/or outsourced service vendors
- You are customer focused and can act with speed and decisiveness to achieve the best results.
- You take responsibility for your work and are continuously looking for new opportunities to make a change.
- Proactive, intervenes as appropriate and able to effectively collaborate with multiple stakeholders to implement solutions that safeguard the IT systems.
- Broad knowledge of IT security and solid hands-on experience in implementing various IT security technologies.
- Familiar with the use of forensic tools and investigative methods to find specific electronic data, and provision with technical skills
- Expertise / understanding of hacking & intrusion techniques and prior experience with security testing and system diagnostics
- Experience of working in a complex geographical/functional matrix organization
- Skills in relationship management and influencing at all levels of the organization
- Knowledge and understanding of networking (LAN/WAN) and cloud services (Azure, AWS) is preferred.
- Knowledge and application of IT security standards, security control frameworks and risk management techniques.
Nice to have
- Degree in Computer Science / Information Technology or its equivalent. Recognized IT security certification is preferred.
- Professional certification in IT Security or Forensics preferred, e.g. CISM/CISSP/CEH/CFCE/CHFI/GCIH/GCFA or GCIA etc.
What we offer
- Unique company culture of Dutch heritage and international presence
- Great work-life balance, and a competitive salary & benefits package so you can enjoy it
- Workweek of 38 hours with 25 paid vacation days
- Competitive pension scheme
- Holiday allowance of 8%, year-end allowance of 3% and bonus scheme
- Flexible working hours in a hybrid environment
- Diverse training and mentoring programs to help you grow on your own professional journey
- Exceptional support of cross disciplinary movement within the company to broaden your knowledge and growth paths
- A friendly and informal working environment, yet professional team members as sparring partners
- Autonomy and trust to create longer term impact that helps bring better nutrition to the world
- Free cheese and milk at lunch in the central office, and barista coffee to help you go through your working days with a lot of joy
- FrieslandCampina has a bicycle plan (‘fietsplan’)
1. Security Operations Management
- Service Manager of the vendor managing the outsourced Security Operations Center
- Define and monitor improvement plan for Security Operations processes, which includes:
  - Improvement of security incident detection capabilities by reduction of the false-positive rate
  - Increase in effectiveness of runbooks in case of security incidents / crisis situations
- Define & maintain roadmap for on-boarding of new log sources to SIEM solution.
- Analyze and optimize orchestration and automation & storage cost for log sources.
- Create and maintain a database of Indicators of Compromise for FrieslandCampina
- Create and maintain an operational and tactical cyber security dashboard
- Attend operational security meetings with suppliers
Results: Effective delivery of Managed Detection & Response service
2. Security Incident Management
- Responsible for the global security incident management process (governance, management / coordination of global security incidents)
- Monitor and follow up on global cyber security events and incidents.
- Align with problem management on improvement actions regarding security incidents
- Monitor the implementation of the defined security controls
- Analyze and conduct audits with regard to the implementation of security controls and their effectiveness
- Establish and maintain the cyber security incident response plan
Results: Effective cyber security incident management process
- Maintain an operational cyber security board with security stakeholders within Global IT
- Communicate changes of security baselines, principles and guidelines internally as well as to suppliers.
- Regularly communicate the updated security dashboard to stakeholders.
- Use visualizations to explain the vision, analysis of opportunities and risk, choice and consequences
Results: Security Operations Board
4. Runbooks, security baselines, principles and guidelines
- Define, review and operationalize runbooks, security baselines, principles and guidelines
- Monitor and test the effectiveness of security runbooks
Results: Security Runbooks
5. Threat and Vulnerability Management
- Work with the Security Manager & Security Compliance Manager within the IT Information Risk & Security (IRS) organization to set up and maintain an operational threat and vulnerability management system that adheres to the defined vulnerability and patch management standards.
- Perform regular risk assessments in alignment with IT service departments and make risks and security improvement actions actionable to the IT service owners.
- Supervise actions in case services / projects or information is at risk or when threats warrant it
- Identify trends relating to (potential) security breaches, current security risks and incidents
- Assess developments and trends for the organization and inform and advise management on these developments
Results: Effective threat and vulnerability management program
Our team
This role will report to the Global Director Information Risk & Security, handling day-to-day security operations matters, including project delivery. Cyber Security is regarded as an enterprise responsibility for FrieslandCampina. Effective cyber security incident and crisis management processes within FrieslandCampina are key focus areas in the corporate cyber security strategy. The FrieslandCampina Security Operations Center is fully operational (hybrid). The Manager Security Operations Officer is the primary point of contact within FrieslandCampina for detective and responsive security controls and activities in which the Security Operations Center plays a crucial role.