Their core tasks include governing the SOC service, managing the catalogue of use cases, establishing quality criteria, coordinating source onboarding and log retention, as well as following up on SLAs/OLAs with suppliers. In addition, they supervise and coordinate other services related to the second line of defence and define the security policy in cloud environments.

Additional responsibilities include defining Threat Intelligence requirements and integrating them with the SOC, incident and crisis governance, monitoring incident and vulnerability management carried out by IT, coordinating executive communication in critical situations, and developing improvement plans following serious incidents.

Reporting to: Pérez-Llorca’s CISO

Scope: The entire geographical and organisational scope of Pérez-Llorca.

Team and resources: Access to internal and external resources necessary for the correct provision of the service (SOC providers, integrators, internal technical areas), with the capacity to influence and coordinate multidisciplinary teams.

Type of role: The ideal candidate will have a primary focus on service management and governing the second line of defence, complemented by security architecture, technical analysis and transversal leadership skills.

In an environment of growth and transformation, you will drive common standards, validate critical designs and accelerate continuous improvement alongside the CISO. While the position includes responsibility for governing the security architecture, the technical implementation and execution rests with integrators and frontline teams. Architecture is exercised from a strategic and coherent perspective, not as an operational design

Requirements

• Second Line of Defence Service Management
  • SOC service governance: cataloguing use cases, quality criteria, source onboarding and log retention; tracking SLAs/OLAs to providers.
  • Supervising and coordinating other second line of defence services.
  • Defining and governing the Cloud security policy.
  • Establishing the requirements for threat intelligence, integrating them with SOC and measuring their effectiveness.

• Incident and Crisis Governance
  • Overseeing, from the second line of defence, that operations and infrastructure adequately manage security incidents and vulnerabilities in accordance with defined processes and standards.
  • Leading governance and communication in major security incidents.

• Security Architecture and Standards
  • Defining the organisation’s cybersecurity architecture.
  • Establishing security standards and guidelines, applying Security by Design, ZeroTrust, IAM and DLP principles.
  • Establishing and applying design/acceptance gates and validating designs/significant changes prior to construction or move to production.
  • Ensuring that the defined security standards and architectures comply with local legal and regulatory requirements (GDPR, privacy regulations, etc.) in the firm’s different global locations.

• Training and Drill Coordination
  • Ensuring continuous improvement in threat detection and response.
  • Organising and coordinating security drills and exercises with a red team.
  • Aligning exercise objectives with SOC use cases and Purview/DLP and ZTNA controls to measure actual effectiveness.

• Project Development and Transition
  • Governing the reference architecture and control criteria applicable to projects, ensuring their correct implementation by first line of defence and integrators.

• Defining and Monitoring KPIs
  • Defining and monitoring key performance indicators (KPIs) for managed services.
  • Preparing regular reports on the status and evolution of services.

• Continuous Improvement
  • Propose and implement continuous improvements in security processes and technologies.

• Collaboration and Coordination
  • Work cross-functionally with IT, compliance and business teams.
  • Participate in defining the security strategy alongside the CISO.