Descrição
Role OVO-View
Location: Hub based! Bristol, London or Glasgow
- But you have the flexibility to work wherever suits you best_
Team: Enterprise Security and Platforms
Salary banding: £104,750 - £126,270
Experience: Expert
Working pattern:Full-Time
Reporting to:Simon Goldsmith, Director of Enterprise Security & Platforms
Sponsorship: Unfortunately we are unable to offer sponsorship for this role.
This role in 3 words: Industrialising, Resilient, Performance
Top 3 qualities for this role: Thorough, Collegiate, Creative
In the words of the team, you should leave your current role for this one because.
"You will lead the teams that build and operate OVO's capabilities to detect, respond to, learn from and anticipate cyber attacks. This includes setting up a new attack surface management team to continuously monitor OVO's attack surface, administer our identity platform and oversee the response arising from misconfigurations and vulnerabilities. The solutions that cyber defence build and operate power the identification and reduction of downside risk and increase the chances for technology to enable Plan Zero."
Everyone belongs at OVO
At OVO, we are on a mission to solve one of humanity's biggest challenges, the climate crisis. And we know it takes all of us to change the world. That's why we need diverse people from all abilities, gender identities, ethnicities, ages, sexual orientations, life experiences and backgrounds to join us.
Teamworking for the planet
Everything we do here spins around Plan Zero. So, naturally, the team you'll be joining plays a gigantic role in making that happen. Here's how:
We're hiring creators, challengers and coaches. Every role we're hiring puts people at the heart of our information security strategy and uses technology and operational processes to build a resilient and performant business. The Path to Zero is paved with well-informed risk and reward decisions!
This role in a nutshell:
You will lead the team responsible for preparing for, detecting, learning from and anticipating security incidents that threaten OVO's mission and customers. You will lead the team that collaborates with our security service providers and internal technology and business teams to build and verify asset and threat tactic, technique and procedure detection coverage, manage our identity attack surface and automate workflows to identify and respond to attacks and misconfigurations rapidly and accurately.
Your key outcomes will be:
- Engage: tell compelling stories and land messages with clarity to inspire and engage those who we work with, both within and outside Enterprise Security & Platforms.
- Pioneer: scan the horizon, innovate, and challenge ourselves and others to stay ahead of the threat and risk landscape.
- Drive: fix ill-defined problems, lead our people and the business through unpredictable events, learn from those events and anticipate opportunities and threats so that we deliver on our security risk reduction goals.
- Strategise: understand the threat and business context in which OVO operates and how the data, systems and processes fit together. Use critical thinking and rigorous decision-making to protect the future health of our business and safeguard our customers..
- Connect: serve and care for our people. Create an inclusive culture so all of our people feel they truly belong, are heard, and can be themselves. Develop people - coach them, advance their potential, and encourage them to contribute.
*Systems *Familiarity aligning teams on the following technologies and platforms would be advantageous:
- GRC platforms (e.g. Hyperproof)
- Third Party Risk and Contract Management (e.g. Prevalent)
- Cloud Native Application Protection and Cloud Security Posture Management (e.g. Wiz)
- GCP, AWS and Azure native security and compliance monitoring
- CI/CD product development pipelines and automation
- SaaS discovery, event monitoring and security posture management
- Identity and Access Management and Privileged Access Management platforms
- Application Security Verification Standard and related technologies
- Web Application Firewall and Zero Trust Solutions (e.g. Cloudflare, BeyondCorps)
- Security Information and Event Management (SIEM) and Security Orchestration and Automated Response (SOAR)
- Endpoint, Cloud and Identity Detection and Response
- Issue and Project Tracking (Jira)
- Cyber Asset and Attack Surface Management
- Infrastructure Vulnerability Scanning
You'll be a successful Head of Cyber Defence at OVO if you**
- Are a coach: you have a passion for innovating new approaches to cyber security as well as industrialising proven methods and are able to inspire change across leadership and engineering teams.
- Are a challenger: you embrace failure and use insights from OVO and external intelligence to drive security risk prevention and response alignment. You are a champion for confronting fear