Detection & Response Security Manager
Our Technology teams are right at the heart of what we do. Surrounded by some of the best Technology specialists in the industry, you'll bring your own ideas to the business - helping to shape the experience of our customers as part of a forward-thinking team.
What You'll Get
The world is changing and it's important we support our colleagues. People are at the heart of what we do at Primark so it's essential we provide the right environment for you to perform at your best. That's why we offer benefits that put you first
Some of our benefits are:
1. 27 days of leave, plus bank holidays and if you want, you can buy 5 more.
2. Flexible Working, opportunity for an early Friday finish, and a subsidised cafeteria.
3. Primark Perks - Discounts with some local partner business to our offices
What You'll Do:
In your role, you'll collaborate with different people across a range of skillsets. Here's a flavour of your day-to-day:
1. Manage the execution of Security Operations Centre (SOC) capabilities, ensuring efficient and effective operation of detection, threat and incident response
2. A key contact for Primark's outsourced SOC provider, managing stakeholders and the first point of contact in the event of a potential security incident
3. Perform and coordinate threat hunting proactively to identify threats and assess the state of security controls; work with red teams to detect offensive operations, and capture and action findings
4. Triaging events from a wide range of sources, including reports from employees, security systems, ethical hackers and threat intelligence data
5. Ensure detection, protection, response and recovery runbooks are up to date, complied to and where possible highly automated with threat detection technology optimised
6. Ensure integration and onboarding of new security services within the monitoring and detection capability of the SOC
7. Conduct cyber security incident response tabletop exercises with various teams inside & outside the business that will be responsible for different response activities
What You'll Bring
Here at Primark, we want everyone to feel valued - so please bring your authentic self to work, of course with some other key experience and abilities for this role in particular:
1. 6+ years proven cyber security experience in a hybrid (on-prem & cloud-centric), fast-moving organisation
2. Demonstrate experience and in-depth knowledge of Cyber Security Operations, Incident Response and Investigations
3. Experience planning, prioritising and organising work in all required areas to meet requirements
4. An appropriate degree, equivalent qualification or experience
5. A recognised security certification is desirable e.g. GIAC, CompTIA, Microsoft, CISM, CISA, CISSP or CRISC
Ready? Good - because we can't wait to see what you can offer. You'll be joining a team of diverse, passionate, and talented individuals where you'll truly belong, collaborating on projects that will shape the future of our industry. If you're excited about this role but don't meet all the criteria, we encourage you to apply. You may be the right candidate for this role or another one, and our recruitment team Can determine where your skills may fit in at Primark.
Apply to be part of our future and we'll help you develop yours.
If you need any reasonable adjustments or have an accessibility requests, during your recruitment journey, such as extended time or breaks between online assessments, a sign language interpreter, mobility access, or assistive technology please contact your talent acquisition specialist.
All offers of employment are subject to background checks, including right to work, reference education and for some roles criminal, and financial checks. If you have any concerns please reach out to our talent acquisition team to discuss. #J-18808-Ljbffr