Job Description – Head of Cyber Fusion Centre
About Hiscox:
At Hiscox we care about our people. We hire the best people for the work, and we’re committed to diversity and creating a truly inclusive culture, which we believe drives success. We embrace hybrid-working practices, balancing the ability to work remotely with the culture and energy we experience when we are face-to-face in our offices. Our focus on collaboration and cross-functional working is supported with virtual tools that minimise physical travel, hot-desking neighbourhoods that create a physical sense of community and Team Charters that our teams co-create to set out how they’ll work together. This modern way of working has contributed to impressive employee engagement scores across Hiscox and means we’re delivering even better solutions for our Hiscox Colleagues.
As an international specialist insurer we are far removed from the world of mass market insurance products. Instead we are selective and focus on our key areas of expertise and strength - all of which is underpinned by a culture that encourages us to challenge convention and always look for a better way of doing things. We insure the unique and the interesting. And we search for the same when it comes to talented people. Hiscox is full of smart, reliable human beings that look out for customers and each other. We believe in doing the right thing, making good and rebuilding when things go wrong. Everyone is encouraged to think creatively, challenge the status quo and look for solutions. Scratch beneath the surface and you will find a business that is solid, but slightly contrary. We like to do things differently and constantly seek to evolve. We might have been around for a long time (our roots go back to 1901), but we are young in many ways, ambitious and going places. Some people might say insurance is dull, but life at Hiscox is anything but. If that sounds good to you, get in touch.
Head of Cyber Fusion Centre
Reporting to: Chief Information Security Officer (CISO)
Location: London or York (preferable), UK, Lisbon
Type: Permanent
The Role
The role of Head of Cyber Fusion Centre is to oversee our global cyber operations capability. You will lead a team responsible for proactively identifying cyber threats, responding to these threats and protecting our business from harm – 24 hours a day, 7 days per week, 365 days per year. It’s an exciting time to be taking on the role, as we begin our transition from a conventional Security Operations Centre (SOC) to a Fusion Centre operating model. You will be there at the start to shape the future of security operations for our business, and build a capability that we can all depend on to safeguard our people and our business from cyber threats.
The role leads the largest proportion of the Cybersecurity function at Hiscox, and needs a leader who can motivate and inspire their team to achieve technical excellence and never settle for average. You will be responsible for leading a multidisciplinary team consisting of Red Team, Blue Team, Security Engineers and Service Delivery leads. Technical knowledge and experience of both Red and Blue Team activities is essential to the success of this role. You will need to work closely with the Cyber Delivery Lead to ensure requirements and roadmap capabilities are clearly defined and planned. You will also be responsible for managing third party service providers in our partner ecosystem. The Head of Cyber Fusion Centre will report directly to the CISO and is a member of the Cyber Leadership Team (CLT). The role is based in London or York (UK) and is a permanent position.
Key Responsibilities:
1. Responsible for the end-to-end delivery of cybersecurity operations for the business.
2. Build, develop and maintain a roadmap of operational security capabilities for the Fusion Centre, based on agile and continuous improvement processes.
3. Develop, implement, test and maintain our cyber incident response processes and procedures - including the timely triage, analysis, containment, eradication and recovery from an incident.
4. Lead our initial response to security incidents and escalate accordingly.
5. Communicate with executives on active incidents and be able to clearly articulate complex technical details to audiences of varying technical understanding.
6. Provide technical leadership to a multidisciplinary team of security analysts (Red and Blue), engineers and service delivery managers.
7. Design, deliver and manage cyber related exercises such as table tops and cyber ranges.
8. Measure the effectiveness and performance of operational security controls through KRI and KPI metrics – ensuring operational readiness and resilience are maintained to acceptable levels.
9. Identify methods to continuously enhance our security operations and incident response processes and capabilities.
10. Acquire, train and retain cyber talent, with a focus on continuous professional development.
11. Train and mentor Fusion Centre personnel and build an environment that promotes knowledge sharing with other business teams.
12. Manage third party service providers in accordance with agreed SLAs, and associated quality and budget expectations.
13. Build and develop our relationships with industry partners.
14. Help to build and develop our 24/7 security operations mindset.
Candidate Profile:
1. Minimum of 8 years’ experience in cybersecurity operations, with at least 3 years in a leadership role.
2. Strong knowledge of security frameworks, standards, and best practices (e.g., NIST, ISO, CIS, etc.).
3. Excellent knowledge of penetration testing tools, and practices for ethical hacking.
4. Excellent knowledge of Security Information and Event Management technologies and processes.
5. Excellent knowledge of Threat and Vulnerability Management technologies and processes.
6. Strong knowledge of Threat Intelligence systems and processes.
7. Strong knowledge of security engineering practices and procedures.
8. Strong knowledge of security technologies, tools, and methodologies (e.g., firewalls, encryption, penetration testing, etc.).
9. Familiar with financial services (preferably insurance) security standards and regulatory requirements.
10. Previous experience leading and managing a Security Operations Centre (preferably a next generation Cyber Fusion Centre), or a global Cyber Incident Response Team (CIRT).
11. Excellent communication and stakeholder management skills.
12. Ability to design, plan, coordinate and deliver operational security capability roadmaps.
13. Good leadership and team management skills, with the ability to motivate and develop staff and foster a culture of collaboration and technical excellence.
14. Certified Information Systems Security Professional (CISSP), or equivalent certification is desirable.
15. Industry recognised qualifications and experience in penetration testing (preferably CREST certified) and incident response handling is desirable.
#J-18808-Ljbffr