Head of Operational Security

Please Note: The application deadline for this job has now passed.

Job Introduction

Our Information, Systems and Technology (IS&T) team is undergoing an exciting period of change and transformation, so we have opened a new position for an Operational Security Manager.

You'll lead the Operational Security domain of the IT & Cyber Security activity in UK & Ireland, being accountable for the operational delivery (i.e. ‘run’ activities) and for the development of the domain by proposing team, process and procedure evolution. You'll oversee key staff (in-house and outsourced) working to identify threats and safeguard our organisation from intrusion, security threats and exploits.

You'll be responsible for the development and implementation of cyber crisis procedures and processes, and responsible for the deployment and maintenance of security solutions (e.g. multi-factor authentication, antimalware, EDR, vulnerability scanners, etc.).

This is an exciting role where you’ll be able to quickly see the benefit and added value that you bring to our organisation. You’ll work with a wide range of stakeholders and technical experts.

This is a work at home role.

Role Responsibility

  • Lead and drive the evolution of the Operational Security domain  
  • Anticipate and identify new people, process and technology needs for the development of the domain  

  • Contribute to business cases as needed with the support of the Regional CISO  

  • Make automation the default approach in all operational activities across the domain, and influence beyond

  • Establish budget, forecast and track expenses for the Operational Security domain  

  • Advise the Regional CISO and IS&T leadership on future investments  

  • Build relevant KPIs & dashboards for regular review with the IT & Cyber Security leadership, and the IS&T leadership as needed  

  • Identify knowledge gaps in the team and select appropriate training for upskilling team members  

  • Ensure a technology watch is performed across the team to keep up with emerging threats and technology in the Operational Security domain  

  • Manage resource allocation and capacity planning of the team

  • Supervise the deployment and maintenance of operational security solutions in the region  

  • Coordinate the regional deployment of Global security solutions  

  • Identify regional specific needs and requirements, and determine the best approach and solutions for the region to cover risks  

  • Build support and operating model of security solutions in the region in coordination with IT stakeholders (e.g. Infrastructure & Application teams)  

  • Manage the relationship with vendors and suppliers  

  • Supervise the management of security incident response in the region  

  • Ensure security incident response procedures are implemented in line with Group Security directives  

  • Ensure appropriate response to security incidents and coordination with stakeholders  

  • Act as escalation point for security incidents 

  • Report and escalate major incidents, when appropriate, to the right stakeholders as per the defined processes and procedures

  • Lead post incident reviews for process and measure improvements, and implement sound changes in coordination with the Regional CISO  

  • Define and maintain the cyber crisis processes and procedures  

  • Supervise the vulnerability management remediation process  

  • Ensure vulnerabilities are detected, qualified and reported in a timely manner to the right stakeholders in IS&T and the business when required

  • Validate action plans to deal with identified vulnerabilities and ensure progress is tracked in coordination with the IT Compliance and Control Officer  

  • Support remediation activities by coordinating with or delegating to Subject Matter Experts

The Ideal Candidate

  • Graduate calibre.  

  • Experience of handling cyber security incidents, threat hunting and forensics

  • Experience in selecting, deploying, and maintaining security solutions  

  • Experience of vulnerability management  

  • Experience in financial forecasts, budget, and business planning  

  • Experience of people management 

  • Strong skills and knowledge regarding Threat Intelligence with conclusive CERT/CSIRT activities 

  • Proficiency in core information security principles (access control, operating system security, vulnerability management, etc.)  

  • Knowledge of MITRE ATT&CK framework 

  • Knowledge of NIST framework and OWASP 

  • Rigorous and organised  

  • Strong-willed

  • Analytical and problem-solving capabilities  

  • Resilient  

  • Quick decision maker  

  • Ability to work under pressure  

  • Ability to work in a matrixed organisation  

  • Knowledge of one or more security standards (Cyber Essentials, ISO2700x, PCI DSS, etc.) is a plus  

  • Experience of hardening operating systems is a plus  

  • Experience in DevOps/DevSecOps is a strong plus  

  • Experience in public Cloud (Azure, AWS, GCP) is a plus   

  • Experience of establishing and conducting proofs of concept with security solutions is a plus

Package Description

Up to £75,000 + 15% bonus + benefits

About the Company

In the UK and Ireland, Sodexo employs around 30,000 people, and partners with clients in many sectors across business and industry; schools and universities; sports and leisure; energy and resources; government and agencies; healthcare; justice and defence.

Sodexo’s connected, people-centric approach brings together a diverse range of expertise. The breadth of services it offers ranges from food and hospitality; cleaning; reception; concierge (Circles); security; property management and technical services through to data-driven workplace strategy and design (Wx); employee engagement and recognition services (Sodexo Engage) and personal home services through Prestige Nursing + Care and the Good Care Group.

Vital Spaces is Sodexo’s value proposition that puts people at the heart of everything we do, bringing together services and solutions and focusing on the productivity and wellbeing of people wherever they are.

Sodexo is committed to being an inclusive employer; we welcome and encourage applications from people with a diverse variety of experiences, backgrounds and identities.

We’re a Disability Confident Leader employer. We’re committed to changing attitudes towards disability, and making sure disabled people have the chance to fulfil their aspirations.

We are building on our support to the Armed Forces community through the development of specific pathways within our recruitment process to support ex-forces personnel and reservists. Those applying for jobs with us who meet the ideal candidate criteria for the role advertised are guaranteed to progress to the selection process.