InfoSec Ops Manager

Rightmove

  • London
  • Permanent
  • Full-time
  • 1 month ago
Role: InfoSec Ops ManagerLocation: London - hybrid 2 days a week in the officeReports to: CISOThe roleAs Security Ops Manager, you'll be working across a range of areas to support the information security needs of a busy, high-profile website, as well as an administrative IT environment that supports nearly 1,000 people across 3 office locations with many remote workers. As well as working closely with the other members of the Information Security team, the role will also require extensive engagement across other departments within Rightmove (including IT Services, Product Development, Compliance. Legal, HR etc.) to ensure security objectives are being met, incidents are being responded to effectively, and our security stance remains strong.What you’ll be doing
  • Providing technical leadership and acting as a subject matter expert on information security best-practice.
  • Planning and delivering projects to achieve our information security objectives.
  • Working with DevOps teams on implementing security controls in our new GCP based web hosting environment, and with delivery teams on implementing controls into the software development and CI/CD processes.
  • Collaborating with the IT Infrastructure team on the security elements of migrating our on-premise Windows estate into Azure.
  • Leading threat modelling sessions with technology teams from both the website and corporate IT functions.
  • Working with team members to set up and manage SIEM and XDR tooling and establishing processes and workflows to support incident response and SOC activities.
  • Leading threat hunts to proactively discover potential compromises before they lead to bad security outcomes.
  • Working with team members and external partners on penetration tests and red team engagements to assess our security posture, along with our detection and recovery capabilities.
  • Helping evaluating our response to regulatory/legislative requirements and recommending actions if needs be (e.g. FCA compliance, PCI-DSS, GDPR etc).
  • Keeping up to date with cyber threat intelligence and emerging attack vectors, always evaluating the materiality of the threat to Rightmove and helping shape our response.
  • Coaching and developing your people, with regular 1-to-1s and continuous feedback.
  • Supporting your team members by actively removing blockers.
We’re looking for someone who
  • Has a passion for Information Security and understands how this is embedded into an organisation.
  • Can manage their own workload, making decisions on what tasks need to be prioritised.
  • Is confident to communicate and collaborate with internal and external stakeholders, either individually or in group settings, and across a variety of levels of seniority and technical understanding.
  • Can reach decisions, even if they are difficult, and is able to provide a clear explanation of the rationale and approach taken.
  • Can be trusted to keep confidences, and displays a high level of professional integrity.
  • Follows through on commitments and can be relied upon to get things done.
  • Is proactive, hands-on and wants to make things better.
What you’ll bring to the role
  • Minimum of five years working in a technical security-based role, or equivalent in research at an education level above degree.
  • A degree in Computer Science, Computer Security or other technical area or an equivalent level of industry experience, or a high-level Security qualification such SANS Cyber Defence, EC-Council Certified Security Analyst, OSCP etc.
  • Professional experience in three or more of the following areas (and a willingness to learn about the others):
  • Application security (with a focus on web applications); including the use of security controls in an agile development environment
  • Linux security
  • Securing Windows, Active Directory and M365 environments
  • Container security
  • Cloud Security (ideally in GCP and / or Azure environments)
  • SIEM and EDR / XDR systems
  • Incident Response.
  • Strong understanding of networking principles including TCP/IP, DNS etc. and commonly used Internet protocols such as SMTP, HTTP etc.
  • Experience working in IT security in a cloud focused environment.
  • Good data processing skills – experience with ELK, Splunk or similar would be beneficial
  • Report writing and note taking skills.
  • Ability to prioritize both operational and project demands.
  • Line management experience.
About RightmoveOur vision is to give everyone the belief they can make their move. We aim to make moving simpler, by giving everyone the best place to turn to and return to for access to the tools, expertise, trust and belief to make it happen.We're home to the UK's largest choice of properties, and are the go-to destination for millions of people planning their next move, reading the latest industry news, or just browsing what's on the market.Despite this growth, we’ve remained a friendly, supportive place to work, with employee #1 still working here! We’ve done this by placing the Rightmove Hows at the heart of everything we do. These are the essential values that reflect our culture, and include:
  • Be approachable and appreciate what others do
  • Make complex things as simple as possible
  • Build great teams, because Rightmove is people
  • Drive improvement, we can always be better
  • Share early, honestly and often
We believe in careers that open doors, and help our team develop by providing an open and inclusive work environment, offering ongoing training opportunities, and supporting charity fundraising events. And with 88% of Rightmovers saying we’re a great place to work, we’re clearly doing something right!If all this has caught your eye, you may well be a Rightmover in the making...What we offerPeople are the foundation of Rightmove - We’ll help you build a career on it.
  • Cash plan for dental, optical and physio treatments
  • Private Medical Insurance, Pension and Life Insurance, Employee Assistance Plan
  • 27 days holiday plus two (paid) volunteering days a year to give back, and holiday buy schemes
  • Hybrid working pattern with 2 days in office
  • Contributory stakeholder pension
  • Life assurance at 4x your basic salary to a spouse, family member or other nominated person in your life
  • Competitive compensation package
  • Paid leave for maternity, paternity, adoption & fertility
  • Travel Loans, Bike to Work scheme, Rental Deposit Loan
  • Charitable contributions through Payroll Giving and donation matching
  • Access deals and discounts on things like travel, electronics, fashion, gym memberships, cinema discounts and more
As an Equal Opportunity Employer, Rightmove will never discriminate on the basis of age, disability, sex, race, religion or belief, gender reassignment, marriage/civil partnership, pregnancy/maternity, or sexual orientation.At Rightmove, we believe that a diverse and inclusive workforce leads to better innovation, productivity, and overall success. We are committed to creating a welcoming and inclusive environment for all employees, regardless of their background or identity, to develop and promote a diverse culture that reflects the communities we serve.Ultimately, we care much more about the person you are, and how you think and approach things, than a list of qualifications and buzzwords on a CV. Even if you can’t say ‘yes’ to all the above, but are smart, self-motivated and passionate about Customer Care, then get in touch.

Rightmove