
Our solutions are a key part of most industries - electronics, medical research, renewable energy, food production, infrastructure and many more. Working with us means working with the latest technologies and groundbreaking, sustainable innovations.
Join us on our journey for a better tomorrow.
Mission/Purpose of the Job
The Security Operations Lead plays a crucial role in maintaining the Vacuum Technique Business Area's cybersecurity posture. The Security Operations Lead will be involved in and/or lead multiple streams, including but not limited to: Security Operations, Mergers & Acquisitions integration, Risk and Vulnerability Management.
Main Responsibilities
Leadership and Mentorship:
- Lead a team of Security analysts by example, providing direction, support, and coaching to ensure the team meets performance objectives.
- Develop and maintain an effective security team through hiring, training, and career development initiatives.
- Represent Security Operations and the wider Information Security function in the global technology team. Be a central point of contact for day-to-day activities and relationships with key stakeholders for Security Operations activities: Security Operations, Mergers & Acquisitions integration, risk management and Vulnerability Management.
- Establish metrics and monitoring to report the effectiveness and efficiency of the Security Operations function.
- Identify and implement new ways to automate and improve Security across the business.
- Work collaboratively with other IT/Group Security, Information Security, Architecture, Business and PMO teams within Vacuum Technique and the wider Atlas Copco Group.
Security Operations:
Oversees Security Operations, including reviewing the activities and making them efficient and aligned with industry standards:
- Incident Response: Review and action Incidents and Requests within SLA
- Generic account approvals: Thorough investigation on request and process review within SLA
- Admin access requests: Thorough investigation on request and process review within SLA
- Third-Party Apps Assessment and Approval: Security questionnaire for assessment based on type of apps and use within SLA following SOPs
- Process reviews and documentation: Review existing process and update. Create new SOPs for all Security Operations activities
- Security and firewall changes assessment: Change approval process review and security assessment within SLA following SOPs
- Reporting related to Security Tasks: Produce and deliver the project reports every 2 weeks
- Customer Assessment: Audit and assessment by Customer and share the required evidence within SLA following SOPs
- SecOps - Group Security: Work with Group Security on ad-hoc tasks
- OT Security Baselining to be completed on demand
Vulnerability Management:
Oversees Vulnerability Management, including reviewing the activities and making them efficient and aligned with industry standards:
- Pentest Scoping: Liaise with the product owner and order Apps Pentest following SOP and within SLA
- Follow-Ups: Follow up to achieve the milestone, until vulnerabilities are mitigated/remediated
- Reporting: Testing and Remediation: Review test reports for Remediation following SOP and within SLA
- Exception Process: Liaising with the product owner to understand the application details and exceptions following SOP and within SLA
Collaboration and Stakeholder Management:
- Work closely with Group IT operations, infrastructure teams, and external vendors to ensure seamless integration of security measures.
- Collaborate with business units to understand and implement security requirements tailored to the organization’s needs.
Documentation and Reporting:
- Document security procedures, best practices, and lessons learned for internal and regulatory purposes.
- Prepare detailed security reports and presentations for senior management on risk assessments, incident response, and system status.
Mergers & Acquisitions integration, risk management:
Oversees Mergers & Acquisitions, including reviewing the activities and making them efficient and aligned with industry standards:
- Due Diligence (DD): Kickstart the M&A process by performing DD as per Group Security template following SOP and within SLA
- Testing: Manage the scoping of Security testing following SOP and within SLA
- Risk Identification and Remediation: Follow up on risks identified during DD and Pentest following SOP and within SLA
- ATP Rollout: Identify the asset and perform the ATP installation on assets in scope following SOP and within SLA
- Liaising with IT Infra. Team: Work with the IT Infra. Team and help with a secure way of implementation/integration
- Application Review: Review the applications and provide recommendations/alternatives following SOP and within SLA
- M&A regular Reporting: Provide the M&A information as per the group security requirements to all stakeholders. Ensure all trackers (Risk Registers, M&A, Application/Software Assessments, Customer Assessments) are always up to date.
Experience:
At least 8-10 years of experience working in Security Operations, with hands-on experience in:
- Security Testing: Ability to simulate cyberattacks to identify and exploit vulnerabilities in systems and networks
- Vulnerability Assessment: Proficiency in using tools to scan and identify vulnerabilities in various systems and applications
- Risk Assessment and Management: Skills to evaluate the potential impact of vulnerabilities and prioritize remediation efforts based on risk
- Threat Intelligence: Understanding of current threat landscapes and the ability to analyse threat data to anticipate and mitigate potential attacks
- Patch Management: Knowledge of applying patches and updates to software and systems to fix vulnerabilities
- Configuration Management: Ensuring systems are securely configured and maintaining these configurations over time
- Compliance and Regulatory Knowledge: Understanding of legal and regulatory requirements related to cybersecurity (NIST, CRA, CMMC, ISO 27001, CISM) and ensuring systems comply with these standards
Education:
- Bachelor’s degree in Information Technology, Computer Science, or a related field.
- Relevant certifications such as ISO 27001, CISM are highly desirable.
Personal Attributes:
- Strong attention to detail and a methodical approach to security management.
- Excellent communication skills, with the ability to work collaboratively with both technical and non-technical stakeholders.
- Ability to manage multiple priorities and work in a fast-paced environment.
- Strong analytical skills and a proactive approach to security risk management.