Cyber Security Lead

A warm welcome from The John Lewis Partnership! Thanks for your interest in joining us. The Partnership is a company that celebrates the uniqueness of each individual. Here, you’re not just an employee, you’re a Partner, and you’re valued for being your authentic self. We offer a range of incredible benefits that set us apart, including significant discounts, hotel suites, flexible working arrangements, equal parenthood leave and more. Our business is a dynamic retail network, but it’s so much more than just retail. We are branching out into other sectors, like built-to-rent, financial services, and retail media, featuring diverse departments that offer an extensive array of products, food options, experiences, and services. We are dedicated to both the people we serve and the Partners who contribute to our success. For that is the shared purpose that drives us. By working together, in Partnership, we are creating a place with happier people, for a happier business and a happier world. What’s the role about? The John Lewis Partnership’s Information Security strategy is progressive and ambitious. We provide a collection of security services, delivered through people, processes and technology. Working collaboratively, these services ensure that customers can shop with us efficiently, safely and securely, every single day. As an Information Security Lead, you will be responsible for the day-to-day operation of our Incident Response service which provides our front line of cyber defence - mitigating and defending against malicious cyber activity and adapting to an ever-changing threat landscape. It’s a fantastic opportunity to get hands-on with market leading next-generation cyber security tools, where you’ll be empowered to innovate within a supportive, collaborative and social team environment and agile culture. If you are enthusiastic about cyber security, if you thrive and perform in fast-paced, high-demand scenarios, and if you want to make a real difference at the UK’s largest co-owned retailer, then this role is for you. What you’ll be doing: As a Cyber Security Lead for our joint SOC and Incident response service, you will be highly technical and a subject matter expert, leading investigations and providing technical expertise for all types of cyber security incidents. You will be coordinating resolution activities across a wide range of stakeholders, providing an escalation path when required and supporting the development of other team members through coaching and training. You will lead the work of both our Managed Security Service Provider and in-house team, in the development of use cases, playbooks, processes and ways of working, new tooling adoption and continual improvement to allow the team to measure its performance and meet its desired outcomes. The Cyber Security Lead will additionally act as deputy for the Information Security Manager when required. Please note that as part of this role there will be a requirement to join an on call rota, supporting the business as and when needed outside of normal business hours. What you’ll have: Demonstrable experience performing a Senior/Lead Security Analyst or Incident Response role in a SOC, MSSP type environment with a focus towards incident handling covering; investigation, containment and eradication of threats. Proven ability to work in a time-sensitive situation, in a fast-paced environment and to progress despite ambiguity. Great attention to detail with an analytical mind and advanced problem-solving skills, especially in performing tasks such as log analysis. An accreditation such as ISC2 CISSP, Certified Ethical Hacker (C|EH), SANS, Comptia CySA, CertNexus CFR, BTLO 2 or INE eCIR and knowledge and understanding of IT frameworks such as NIST and Mitre ATT&CK Experience in continuous improvement to the productivity of security platforms, such as email security, EDR and SIEM and creating use-case definitions, runbooks and operating procedures. Excellent familiarity with the evolving threat landscape and in depth knowledge of cybersecurity tactics, techniques and procedures. Familiarity with tools linked to penetration testing such as; Kali Linux, Burp Suite, Wireshark, Nmap or similar. Comprehensive management reporting and communication skillshttps://www.jlpjobs.com/about/benefits/) Additional Information The application form consists of a CV upload, followed by application questions. Please visit - (Link->https://www.jlpjobs.com/how-to-apply/journey/) to understand more about application and hiring processes. Internal applicants please copy paste this link on to the browser for job outline - (Link->https://bit.ly/InfosecLead) We occasionally close vacancies early in the event that we receive a high volume of applications. Therefore we recommend you apply as soon as possible. #LI -LS1 #LI-HEADOFFICE #LI-Hybrid