Head of Security Incident Response and SOC (73127)

.

BAT is evolving at pace into a global multi-category business. With products like VELO VUSE and GLO we are on a mission to decrease the health impact of our industry

To achieve our ambition we are looking for colleagues who are ready to Be The Change. Come join us on this journey!

British American Tobacco has an exciting opportunity for a Head of Security Incident Response and SOC

The Incident Response and SOC Leader is a critical role within BAT responsible for leading and overseeing all aspects of Incident Response activities and managing the Security Operations Centre (SOC). This individual will play a vital role in protecting the organizations critical assets and ensuring business continuity in the face of cyber threats.

Continuously improve the effectiveness of the incident response process

Reduce the Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) for security events and incidents

Improve the overall security posture of the organization

Enhance the organizations ability to detect and respond to cyber threats

Proactively identify and mitigate emerging security threats

Build and maintain a high-performing IR and SOC team

Ensure compliance with all relevant security regulations and industry best practices

Provide timely support to Legal Privacy Compliance and Human Resources investigations

This role will have a significant and direct impact on BAT by:

Strengthening Security Posture: Enhancing the organizations ability to detect prevent and respond to cyber threats minimizing risk and protecting critical assets

Improving Operational Efficiency: Automating security operations processes freeing up valuable resources and enabling faster more effective responses to incidents

Driving Innovation: Fostering a culture of security innovation and exploring emerging technologies to stay ahead of the curve

Building a Competitive Advantage: Enhancing the organizations reputation for security and building trust with stakeholders

Your key responsibilities will include:

Incident Response Management

Lead and coordinate incident response activities including triage investigation containment eradication and recovery

Develop and maintain an effective incident response plan and communicate it to all relevant stakeholders

Conduct post-incident reviews to identify lessons learned and implement improvements to the incident response process

Collaborate with other BAT stakeholders such as IT legal and human resources to effectively manage security incidents

Lead and Manage the Security Operations Center

Oversee the daily operations of the SOC including threat monitoring security event analysis and incident response activities (currently provided by external MSSP)

Manage and mentor a team of security analysts providing guidance training and performance feedback

Develop and maintain standard operating procedures (SOPs) including incident response playbooks threat hunting methodologies and security monitoring rules

Work closely with SOC Engineering to implement and maintain security information and event management (SIEM) and other security monitoring tools

Threat Intelligence and Hunting

Stay abreast of the latest cyber threats and vulnerabilities

Conduct proactive threat hunting activities to identify and mitigate potential threats before they can impact the organization

Analyze threat intelligence data to identify and prioritize threats relevant to the organization

Confidential Investigations

Support Legal & Privacy Compliance Human Resources and other sensitive investigations requiring digital forensic analysis

What are we looking for

Ability to think critically solve complex problems and make data-driven decisions

Strong leadership skills to inspire and motivate the team

Strong technical expertise in incident response and security operations including SIEM SOAR EDR PAM firewalls proxies and other relevant security technologies

Experience with security monitoring tools (e.g. intrusion detection systems firewalls endpoint detection and response)

Strong investigative analytical and problem-solving skills

Strong knowledge of security frameworks and standards (e.g. NIST CIS ISO 27001)

Excellent communication and interpersonal skills to collaborate with technical and non-technical stakeholders

Advanced security certifications (e.g. SANS CISSP CISM CISA)

Experience with cloud security (e.g. AWS Azure)

Knowledge of machine learning and artificial intelligence applications in security

University degree; or7 years of relevant professional experience

What we offer you

• We offer a market leading annual performance bonus (subject to eligibility)
• Our range of benefits varies by country and includes diverse health plans initiatives for work-life balance transportation support and a flexible holiday plan with additional incentives
• Your journey with us isnt limited by boundaries; its propelled by your aspirations. Join us at BAT and become a part of an environment that thrives on internal advancement where your career progression isnt just a statement its a reality were eager to build together. Seize the opportunity and own your development; your next chapter starts here.
• Youll have access to online learning platforms and personalized growth programs to nurture your leadership skills
• We prioritise continuous improvement within a transformative environment preparing for ongoing changes

WHY JOIN BAT

Were one of the few companies named as a Global Top Employer by the Top Employers Institute certified in offering excellent employee conditions.

At BAT we champion collaboration inclusion and partnership as the bedrock of our values. We wish to foster an environment where every individual can thrive irrespective of factors such as gender sexual orientation marital or civil partnership status gender reassignment race religion or belief colour nationality ethnic or national origin disability age skills experience education socio-economic and professional background as well as diverse perspectives and thinking styles. We recognise that our strength lies in embracing talent from all walks of life empowering us to develop our culture of inclusivity and better achieve our business objectives.

We view career breaks not as obstacles but as opportunities and encourage everyone without hesitation to apply. Through our Global Returners program we provide support to professionals seeking to re-enter the workforce after an extended absence be it for family care parental leave national service sabbatical or starting their own venture.

Come bring your difference and see what is possible for you at BAT. Learn more about our culture and our award winning employee experiencehere.

We take pride in being a Disability Confident Employer. If you need any reasonable adjustments or accommodations to be made during the recruitment process to support you performing at your best please inform the recruitment partner who will be in touch should your profile be selected for the role you applied for. We are wholeheartedly committed to optimising your prospects of success by making suitable arrangements so that you may showcase your full potential.

.