Security Operations Centre Technical Team Lead

Job Description

It is an exciting time for HM Land Registry (HMLR) as we continue a major transformation programme. HMLR's ambition is to become the world’s leading land registry for speed, simplicity and an open approach to data.  

We have an exciting opportunity to join us on a permanent basis, as a Security Operations Centre Technical Team Lead. 

This role is to provide technical leadership for the Security Operations Centre team providing technical oversight and direction. You will engage with various teams across DDaT to maintain security monitoring, threat intelligence and vulnerability management controls to detect and alert across all HM Land Registry technical assets. You will also assist in the tuning of controls and counter measures.

You will help direct HM Land Registry's technical penetration test activities to provide assurance to the organisation, validating that our services, applications, and websites are secured against the latest vulnerabilities and threats.

Job description

You will take forward technical consolidation and/or improvement activities providing guidance and leadership to technicians within the IT Operations Practice and wider, whilst also working across DDaT to support and deliver solutions in line with the Technology and Business Strategies.

Main duties: 

Working closely with the Lead Infrastructure Engineers and subject matter experts, you will develop and maintain security monitoring, threat intelligence and vulnerability management controls, to detect and alert across all HMLR technical assets.  You will work with technical teams to develop SOC scenario-based run books to respond to security events & incidents. 

Develop vulnerability tools to ensure awareness of threats and risks to security controls.  Work in conjunction with Lead Infrastructure Engineers and other security teams to advise and guide operational teams on Security controls. 

Engage with project teams to provide assurance around the security of new and existing services at key points.  

HMLR expect everyone to spend at least 60% of their working time in the office.  Please note that you will be required to work a minimum of 30 hours per week. 

Occasional travel is required to other HMLR offices and other government departments, with possible overnight stays.  This role does require occasional planned out of hours and may include participation in a permanent on-call rota. 

For more information about this role and full job description, please see the attached candidate pack.

Person specification

To be successful in your application you will demonstrate experience within a Security Operations Centre or operational security environment. You will hold a qualification in Information Technology or a related area (degree level or equivalent), or significant experience in an IT field. 

You will have knowledge of SIEM tooling and operating procedures and utilisation of Cyber Threat Intelligence within a Security Operations context.  

You will have knowledge and use of NIST Incident Response framework and experience of technical information gathering, analysis and problem solving.

You will have the ability to manage technical risk and lead on implementing mitigations.  You have experience of managing or leading a technical team or function within an enterprise environment.  You have experience working with ITSM systems to manage and prioritise workloads. 

You can use formal processes to apply best practice and have well developed interpersonal skills and be a team player.