IT Security Operations Manager

Job content

At Arriva, our vision is to help shape a future where passenger transport is the best choice and our mission is to be the leading passenger transport partner across Europe. We employ more than 46,000 people and deliver more than 1.2 billion passenger journeys across 14 European countries every year.

We believe at Arriva that what you do is just as important as how you do it.

We’re very proud of our values, which include caring passionately, doing the right thing and making the difference.

About the role

As our IT Security Operations Manager, you will be responsible for managing the state of security controls across the Arriva Group. Taking a lead from the Group Technical Security team, you will ensure that the technical security controls in place are protecting the business from cyber risks.

This is a key role and a great opportunity to help drive efficiency from these controls in both their deployment but also their day-to-day management.

You will support the validation of security controls within the Arriva operations across Group IT that will help provide input of the effective manage of technical security controls.

The IT Security Operations Manager will work with other senior stakeholders and external parties to ensure that Arriva demonstrates that the business has consistent adequate controls and compliance to manage risk.

Other key responsibilities of the role include, but are not limited to:

• Ensure the day to day running of IT security on the Arriva Group estate are correctly functioning and acts as an adequate technical security control

• Ensure that IT security controls in place on the Arriva Group estate are being correctly managed and that those managing them are competent

• Work with outsourced security suppliers to help manage such security services that are not provided in-house

• Help define and implement a KPI framework that can be used to measure effectiveness of controls - and provide regular reporting on this

• Investigate suspected and actual security incidents in accordance with the security incident management standard, produce reports with recommendations and ensure any remedial action is taken.

• Manage the Security Information and Event Management system (SIEM) and other security systems ensuring appropriate actions are taken for all issues flagged for action by the system.

• Lead the drive and support the implementation of a zero-trust identity framework including Multifactor authentication, Privilege Identity Management (PIM), Conditional Access.

• Work with UK and Europe business IT functions to coordinate remediation activities and work in partnership to implement technical controls that reduce risk across the group business.

The role is based in Doxford; however, travel activity across the Arriva business areas is to be expected.

About you

You can demonstrable experience in a similar role within technical services and a strong understanding of technical security controls, ideally ITIL qualified.

You have a good understanding of IT Service providers, and have proven ability to effectively prioritise and self-organise the execution of tasks in a high-pressure environment covering a broad scope, including service improvements.

You have knowledge of all areas of IT Security, including Cyber Security; Identity and Access management; Authentication and Single Sign On; Authorization; Audit;

Secure communications and cryptographic services; Network protection, SIEM technologies, Web proxy and Office365.

Aside from the technical skills and experience, you have excellent written and verbal communication and presentation skills, particularly adept at simplifying and

articulating complex topics and employing a wide range of communication styles to engage with all levels of the organisation.

You respect individual’s views and positively encourages and contributes to a learning environment in which individuals are supported to develop to their full potential.

Our benefits

• Hybrid working model

• Pension Plan

• 25 days holiday with the option to purchase up to 10 additional days

• Cycle to work and Employee Assistance Schemes.

• "Arriva Village" - our employee rewards and benefits scheme.

Why work for us?

Our people choose to work for us, and to stay with us, because we’re a great place to work.

At Arriva, we strive to create a culture where we can all be ourselves, where we belong, feel respected and our differences celebrated.

We actively seek out and value difference. We want our business to reflect the wide range of communities in which we operate, so we can serve them even better.