Join Ofwat’s Corporate Enablers as a Head of Security Operations & Incident Response Office Location: Birmingham (B5 4UA) with hybrid working About Us We are Ofwat, the Water Services Regulation Authority, a non-ministerial government department responsible for regulating the water sector in England and Wales. Our work has genuine significance – no other organisation does the work we do. It’s unique and meaningful: keeping our water flowing; ensuring water bills don’t cost a penny more than needed; holding water companies to account. Come and work at the source of everyday life. The Role As the Head of Security Operations and Incident Response, you will be responsible for the Security Strategy in Ofwat, our security operations, and overseeing the monitoring and response to security threats and incidents. You will lead a high-performing team and be the primary point of contact for the leadership team and business stakeholders for any security event, ensuring comprehensive monitoring and effective response to cyber security threats across all networks, assets, and users. You will also be responsible for managing incidents related to personnel, technical, and physical security breaches, working with the appropriate stakeholders. As Head of Security Operations, you will shape response policies and processes to ensure they meet evolving needs, in line with appropriate government and other standards; including the UK Government Security Group and GovS007 security standard. You will provide reporting and insights to key stakeholders. To find more details about the role and deliverables please click Apply. About You Below are some of the key essential experience, skills & knowledge required for this post: Strong understanding of cyber security operations, monitoring, response, and incident management processes. Proven experience in incident management, incident investigation, and response. Experience in leading and coordinating a high-performing operational security team across multiple locations. Experience of creating security strategies to improve the security maturity of an organisation Proven experience and expertise in one or more of the following: SIEM systems preferably Microsoft Sentinel, network and systems security, intrusion detection/prevention, and malware analysis. Strong analytical skills, with the ability to correlate and identify trends, patterns, and outliers within large security datasets and telemetry. Professional Qualifications: At least one professional qualification such as CISSP, CISM, SANS, or equivalent. Understanding of legislation relevant to incident response, network monitoring, and investigations Knowledge and awareness of information risk assessment and risk management. Professional Memberships: Membership of a relevant institution or body, e.g., Institute of Information Security Professionals, Council for Registered Ethical Security Testers Why You Should Join Us: - Meaningful Impact: You will be joining a team with a sense of mission at its core aiming to build a lasting legacy for future generations by securing our long-term water resilience. Innovative Work Environment: We embrace agile and new ways of working and have a culture build on trust, flexibility, and collaboration. Development Opportunities: Gain valuable experience and develop your skills in a supportive and dynamic setting. Work-Life Balance: Enjoy the flexibility of working from home combined with the benefits of in person collaboration in our London or Birmingham offices. Fantastic employer pension contribution of nearly 30%. 25 days’ annual leave, increasing to 30 with each year of service, plus bank holidays and an extra 2.5 days of privilege leave. Access to exclusive discounts on a variety of goods and services, including retail outlets, theatre tickets, holidays, insurance, and a gym membership. Fees paid for membership of relevant professional bodies. Up to 3 volunteering days per year. Recognition vouchers scheme rewarding your hard work. Generous shared parental leave and pay supporting your family life. Follow the link to Apply for full details about the role, please ensure you have submitted your Applications in full before the below deadline. Closing date: 23.55 on 23rd February 2025