Group Security Operations Manager

As part of the BME Information Security team, the Security Operations Manager is responsible for building, maintaining and managing a threat and vulnerability management system and security operations center (SOC, SEIM, MDR, EDR, event monitoring and analysis, etc.) for the BME Group and its operating companies across Europe.

Location
BME Group
Schiphol-Oost
Level
Group Manager
Industry
Building materials
Employment
Full-time
Interested in this opening?

The purpose of the Role

As part of the BME Information Security team, the Security Operations Manager is responsible for building, maintaining and managing a threat and vulnerability management system and security operations center (SOC, SEIM, MDR, EDR, event monitoring and analysis, etc.) for the BME Group and its operating companies across Europe. BME is on a journey towards becoming an increasingly digital, data driven organization leveraging the latest application technologies to improve customer experience and drive organizational efficiencies. This is an excellent opportunity to be part of a transformation where you can make an impact by supporting the business being successful.


In this role you will report to the Group CISO and work in close collaboration with Group IT Operations, internal operating company IT teams and external suppliers. With your strong background in cyber threat management, you will be the anchor point for the security operations program across BME. You will work together with the relevant stakeholders and suppliers to enable integrated threat management across the Group. You will develop security policies and procedures for the global organization and provide consultancy on tactical and operational implementation.


Key Tasks and Responsibilities
The Security Operations Manager is responsible for the design, implementation and operation of all aspects related to Security Operations within the BME organization. This includes:
▪ Manage outsourced security partners, providers and other third parties and deliver those services into the organization.
▪ Lead the virtual team in support of all designated Security Operations and Incident Response tasks.
▪ Provide technical consultancy to team members in areas of cyber security and threat management.
▪ Develop an understanding of operational risks and develop and drive process to minimize the impact of these risks
▪ Oversight, planning and execution of required vulnerability audits, penetration tests or forensic IT audits or related investigations. You will need to ensure that any findings are fed into projects improving your organization’s overall IT Security.
▪ Development of relevant SecOps KPI’s.
▪ Develop and support strategic plans and projects to meet SOC goals and objectives.
▪ Provide information and tactical guidance to leadership during incidents.
▪ Involvement in arranging staff training in security awareness skills. You will confirm that associated protocols, methodologies and procedures are implemented successfully.
▪ Conduct after-action reviews to identify lessons learned and best practices.
▪ Routinely engage with cross-functional teams including engineering, infrastructure and developers to evaluate and improve SOC’s ability to meet stakeholder and business needs.


Education and Experience
• 6+ years’ experience in the information security industry or demonstrable experience as a Security Operations Manager.
• Excellent understanding of security operations and cyber threat management.
• Experience with building and running a Security Operations Centre (MDR, EDR, pentesting, vulnerability management, threat hunting and threat modeling).
• Leadership in a fast changing, multi-stakeholder environment.
• Successful track record of effective project coordination, prioritization, collaboration, organization and timely project delivery.
• Able to manage a large and complex workload, prioritizing as needed
• Azure experience is a plus.
• Knowledge of relevant IT Security related hardware, software and vendor solutions (MDR, EDR).
• Ability to quickly get to the root cause of issues.
• You will need to be organized, efficient and able to work unsupervised under your own initiative.
• A stable career track with clear career progression within a limited number of employers.
• Experience with working in an international and matrix environment
• Eager and ambitious with the ability to go at least one level up.
• Fluent in English and ideally in German, Dutch or French as well; preferably female for diversity reasons (but not entirely excluded either for the right candidate).


Key Characteristics
Values
• Dare
• Care
• Do it
• Be real
• Win together


Location

Hybrid. Schiphol and home-office. The Netherlands.


Procedure
• Interview by Recruiter
• Interviews with BME
• Assessment
• Background and Reference check
• Final Interview


Acquisition by agencies is not appreciated. By applying for this role you agree to store your CV in our files and to share it within BME and operating companies during the recruitment process according to our policy.
You may submit a written request to careers@bme-group.com revoking your consent at any time.

SKILLS

Security Operations

SOC

Cyber Threat Management

SecOps

FOR QUESTIONS

Vlatka Simac

Group Manager Talent Acquisition

Interested in this opening?


ALSO INTERESTING

Group Assistant

In this exciting role you provide comprehensive administrative support including day-to-day proactive diary management, general operational support and effective preparation and co-ordination of activities of the VP Digital.
You will provide full secretarial and administrative support such as monthly report collation, meeting organization and general administration duties.

Group Integration Architect Azure

As part of the BME Group IT organization the Group Integration Architect Azure  is responsible for the co-design and implementation of value add group wide solutions that support our business objectives. Do you want to make impact with the creation of world-class integration solutions on the Microsoft Azure platform providing secure and seamless connections between our key business applications, data lake and digital platforms?