This website uses cookies to ensure you get the best experience.

BACB and our selected partners use cookies and similar technologies (together “cookies”) that are necessary to present this website, and to ensure you get the best experience of it. If you consent to it, we will also use cookies for analytics and marketing purposes.

See our Cookie Policy to read more about the cookies we set.

You can withdraw and manage your consent at any time, by clicking “Manage cookies” at the bottom of each website page.

Select which cookies you accept

On this site, we always set cookies that are strictly necessary, meaning they are necessary for the site to function properly.

If you consent to it, we will also set other types of cookies. You can provide or withdraw your consent to the different types of cookies using the toggles below. You can change or withdraw your consent at any time, by clicking the link “Manage Cookies”, which is always available at the bottom of the site.

To learn more about what the different types of cookies do, how your data is used when they are set etc, see our Cookie Policy.

These cookies are necessary to make the site work properly, and are always set when you visit the site.

Vendors Teamtailor

These cookies collect information to help us understand how the site is being used.

Vendors Teamtailor

These cookies are used to make advertising messages more relevant to you. In some cases, they also deliver additional functions on the site.

Vendors Linkedin
BACB career site
London · Hybrid

Cyber Security Operations Lead IAM

About Us

BACB is a UK bank that offers trade finance and complementary products to clients in specialist markets, especially Africa and the Middle East.

We have been helping businesses with trade finance and complementary products for over half a century, focusing on trade flows to and from Africa and the Middle East as well as real estate in the UK.

Our in-depth knowledge of the countries and practices where our clients operate ensures that we put them first.

Additional Info

  • Hybrid Working: 3 days onsite, 2 from home
  • Location: City of London
  • Contract Type: 6 month contract

Job Summary

As a Cyber Security Lead within our SOC, focusing on threat intelligence and Identity and Access management, the incumbent will play a pivotal role in managing the Security Operations Centre (SOC), ensuring effective threat detection, incident response, and continuous improvement of security measures.

Key Work Outputs and Accountabilities

SOC Management:

  • Lead deployment and daily operations of the SOC, including security events monitoring, detection, and response.
  • Ensure adequate coverage and effective response to emerging threats and security events.

Threat Intelligence:

  • Collect and analyse information from various sources to identify potential and existing cyber threats targeting the organization.
  • Assess the credibility, severity, and potential impact of identified threats, providing actionable intelligence to inform security measures.
  • Manage threat intelligence gathering and analysis to proactively identify risks and vulnerabilities.

Incident Response:

  • Oversee incident response processes, ensuring timely and effective resolution of security incidents.
  • Lead the creation of incident playbooks, ensuring these are regularly updated with any people, process or technology changes.
  • Create formal incident reports and conduct post-incident reviews. Track the lessons learned implementation to improve response strategies.
  • Provide threat intelligence and vulnerability management support during security incidents, helping to identify threat actors, tactics, techniques, and procedures (TTPs).

Identity and Access management (IAM):

  • Ensure all access is managed according to the organisation’s Identity and Access Management policy.
  • Conduct periodic access reviews as well as thorough technical assessments across the organization’s identity referential using tools such as Purple Knight, Ping Castle or equivalent.
  • Analyse IAM issues, determine their potential impact, and recommend strategies for risk prevention.

SOC Management:

  • Lead deployment and daily operations of the SOC, including security events monitoring, detection, and response.
  • Ensure adequate coverage and effective response to emerging threats and security events.

Threat Intelligence:

  • Collect and analyse information from various sources to identify potential and existing cyber threats targeting the organization.
  • Assess the credibility, severity, and potential impact of identified threats, providing actionable intelligence to inform security measures.
  • Manage threat intelligence gathering and analysis to proactively identify risks and vulnerabilities.

Incident Response:

  • Oversee incident response processes, ensuring timely and effective resolution of security incidents.
  • Lead the creation of incident playbooks, ensuring these are regularly updated with any people, process or technology changes.
  • Create formal incident reports and conduct post-incident reviews. Track the lessons learned implementation to improve response strategies.
  • Provide threat intelligence and vulnerability management support during security incidents, helping to identify threat actors, tactics, techniques, and procedures (TTPs).

Identity and Access management (IAM):

  • Ensure all access is managed according to the organisation’s Identity and Access Management policy.
  • Conduct periodic access reviews as well as thorough technical assessments across the organization’s identity referential using tools such as Purple Knight, Ping Castle or equivalent.
  • Analyse IAM issues, determine their potential impact, and recommend strategies for risk prevention.

Security Tools Management:

  • Supervise the deployment, configuration, and operation of security tools (e.g., SIEM, IDS/IPS).
  • Oversee the email, local network and web traffic security using Mimecast, Clearpass and Zscaler toolsets.
  • Ensure tools are optimized to detect threats while minimizing false positives.

Collaboration:

  • Work closely with cross-functional teams, including incident responders and system administrators, to contain and remediate security incidents as well as vulnerabilities.

Documentation:

  • Ensure that organisations IAM and Incident Management process documents are kept up to date and adequately aligned with the overarching cyber policy and risk requirements.
  • Maintain detailed records of incidents and IAM reviews, including analysis, response actions, and lessons learned, to continually improve SOC and IAM processes.


Required Qualifications and Experience

Educational Background: Bachelor’s degree in computer science, Information Technology, or a related field.

Experience: 3+ years of experience in vulnerability management, information security, or a related role.

Technical Proficiency: Advanced knowledge of cybersecurity tools and technologies, such as:

  • Identity and Access Management tools and platforms (e.g. Microsoft AD, Entra, PAM360, Purple Knight, Ping Castle)
  • SIEM (e.g., Splunk, QRadar, Arctic Wolf and Dark Trace)
  • Threat intelligence platforms (e.g., Recorded Future, Mandiant)
  • Strong understanding of cyber threat intelligence, attack vectors, and mitigation techniques.
  • Firewalls, IDS/IPS, and DLP solutions
  • Email, Network Access Control and Web traffic security tools (Mimecast, Clearpass, Zscaler etc)
  • Proficiency in incident response frameworks, such as SANS or NIST.

Certifications: Relevant certifications such as CISSP, CEH, or CompTIA Security+ are preferred.

Analytical Skills: Ability to analyse complex data sets to identify and mitigate security threats.

Communication Skills: Strong verbal and written communication skills to effectively collaborate with cross-functional teams and convey security concepts to non-technical team members.


Locations
London
Remote status
Hybrid
London · Hybrid

Cyber Security Operations Lead IAM

Loading application form