Security Operations Manager

Job Purpose

Cyber security is a top priority for AkzoNobel as for any global organization operating in the cyberspace. Our objective is to protect our information and digital assets (IT and OT) by reducing our cyber risk exposure in order to pursue our business objectives. 
As part of the new cyber security strategy, supported by the ExCo,  we have recently redefined our security governance in line with the evolution of the threat landscape and modern best practices. In this regard the new Cyber Security and Compliance  department, under responsibility of the Global CISO, is responsible for Information and cyber security for the entire organization.

Security Operations Centre, led by the Security Operations Manager covers all the operational aspects of cyber security within Second Line of Defense including some core cyber security processes such as Vulnerability Management, Security and Threat Monitoring, and Cyber Security Incident Management.

We seek for an experienced Security Operations Manager able to develop and manage a modern and effective SOC (Security Operation Centre) and Security Operations capabilities by building an internal strong team, design and manage core processes and define tools. We aim to further develop our Security Operations capabilities following a hybrid model with both internal resources and the support of an MSSP (Managed Security Service Provider). 
Security Operations team is also responsible for driving cyber forensic analysis, for supporting technical cyber security Audits and investigations and for managing the relations with external peers and authorities for the exchange of treat intelligence. 
Due to her/his responsibilities and visibility the Security Operations Manager keeps relation with many internal stakeholders at any level of the organization

Responsibilities

In this role, you will: 
•    Manage the Security Operations team being responsible for its development in terms of size, scope, and responsibilities.
•    Design and manage the processes of vulnerability management for both IT and OT domains
•    Design and manage the process of security anb threat monitoring for both IT and OT domains
•    Design and manage the cyber security incident response process for the entire organization
•    Responsible for the process of firewall log analytics and for reviewing and approving firewall rules exceptions. 
•    Coordinate and manage MSSP (Managed Security Service provider)
•    Manage security investigations, forensics analysis and pent-test and red/blue team exercise
•    Define and report KPIs of the processes under your responsibility
•    Publish cyber security advisories and bulletins internally
•    Manage relations with external peers for the exchange of threat intelligence. 

What do you bring?

Experience / Education 

•    10+ year of experience in this role in multinational organizations
•    Degree or Master degree in, cyber security, computer science, computer engineering, or equivalent work experience is a plus
•    Strong experience in building and managing internal and hybrid SOC teams and ability to lead Cyber Security analysis and investigations for both IT and OT domains
•    Proficiency in designing and implementing security and threat monitoring, cyber security incident response processes.
•    Proficiency in designing and managing vulnerability management process
•    Knowledge and experience with cyber security technologies and solutions at least in threat monitoring, network security, application security, cloud security, IAM, endpoint security, threat management, endpoint security and OT/ICS security
•    Experience with adversary TTP (Tactic, Technique, Procedures) like MITRE ATT&CK
•    Experience and knowledge with ICT technologies, product, and solutions
•    In depth knowledge of Security standards and frameworks (e.g., ISO27001, NST CSF, ISO62433) 
•    The following certifications (or other equivalent) are considered a plus:
•    Certified Ethical Hacker (CEH)
•    Computer Hacking Forensics Investigator (CHFI)
•    EC-Council Certified Security Analyst (ECSA)
•    Licensed Penetration Tester (LPT)
•    Good knowledge of IT processes and IT Operations Management (ITIL) 

Key Generic Competencies 

•    Proactiveness, energy and passion for cyber security
•    Strong people manager, team builder and team player 
•    Good communication skills, able to engage with stakeholders at all levels in the organization
•    Strong analytical and problem-solving capabilities, structured thinker, and manager, combines a helicopter view with the ability to ‘dig deep’ where needed
•    Ability to work under pressure, in a multinational and multicultural environment
•    Ability to manage (and grow) strategic relationships with key external partners. 

What does AkzoNobel offer?

AkzoNobel is consistently rated as one of the top employers in The Netherlands.  

You will join a company that is committed to achieving real sustainability.

We offer great personal development opportunities and roles with breadth, depth of scope and impact.
We also offer comprehensive packages including:
•    Competitive Salary
•    STI Bonus
•    30 Days’ vacation
•    Hybrid working
•    AkzoNobel pension plan
•    Public transport card or Lease Car or flexible travel allowance
•    Access to a range of amazing benefits