Job Summary:
Oversee all aspects of SOC operations, ensuring a secure environment for the organization's critical infrastructure and data. Responsibilities include managing a team of security analysts, developing and implementing security policies and procedures, investigating security incidents, and collaborating with IT and other departments to maintain a comprehensive security posture.
Duties and Responsibilities:
- Hire and train SOC staff; manage resources, priorities, and projects; and directly lead the team when responding to business-critical security incidents.
- Act as the point of contact for the business on security incidents, compliance, and other security matters.
- Lead and manage a 24x7x365 Security Operations Center, providing technical oversight.
- Lead staff to proactively identify, prevent, and respond to security incidents.
- Ensure incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring.
- Ensure compliance with Service Level Agreements (SLAs), process adherence, and continuous process improvement to achieve operational objectives and mitigate threats.
- Revise and develop processes to strengthen the current operational activities; review policies and recommend changes to improve security posture and services.
- Proactively identify security and process gaps and work with colleagues to expand visibility in the identified areas.
- Provide advice and consultancy on the requirements for conformance with cyber security standards in the design, development, and operation of IT/OT systems.
- Liaise with client executives on security intrusions and provide swift and accurate remedial action.
- Lead enterprise level planning, development, and implementation of SOC technical security controls.
- Stay abreast of current business and industry trends, as well as developments in advisory services capabilities relevant to clients' environments.
- Responsible for team management, personnel scheduling, overall use of resources, and initiation of corrective action where required for the Security Operations Center.
- Create reports, dashboards, and metrics for SOC operations and present them to the client.
- Coordinate with stakeholders to build and maintain positive working relationships, including with subordinate SOCs supporting the organization.
Qualifications:
- Minimum of 2 years of experience in cyber security management
- Experience reviewing and building processes to improve operational activities, and reviewing policies and recommending changes to improve governance
- Good understanding of security standards and frameworks such as ISO 27001/27002, HIPAA, PCI-DSS, MITRE ATT&CK, and NIST
- Experience leading and managing a Security Operations Center that operates 24/7/365
- Knowledge of threat actor tactics, techniques, and procedures (TTPs), as well as successful mitigation strategies, is essential
- Strong interpersonal skills and the ability to communicate effectively with both management and clients
- Experience managing a SOC team, including staff scheduling, overall resource use, and initiating corrective action as needed
- Security monitoring experience with SIEM, SOAR, and XDR platforms and with intrusion detection technologies
- Strong understanding of networking principles, including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, and LDAP
- A Bachelor's Degree or Diploma in a relevant area of study, with a preference for Information Security, Computer Science, or Information Technology
- Detail oriented, with strong organizational and analytical skills
- Strong written and verbal communication and presentation skills
- Excellent written and spoken English