Position: Security Operations Center (SOC)
Reporting line: Senior Manager, ICT Security
Job Summary
Responsible for the Security Operations Center: plan, direct and control the SOC functions and operations, and ensure the monitoring and analysis of incidents to protect people, technology and process, addressing all security incidents and ensuring timely escalation. Direct the cyber intelligence capability to identify potential threats, delivering strategic reports and strategies to minimize the impact of those threats.
Key responsibilities:
- Leading and managing the Security Operations and team of security operational staff members (SOC Specialists and Analysts).
- Primarily responsible for directing security event monitoring, management and response, and cyber intelligence.
- Responsible for SOC strategy and budget.
- Ensuring incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring.
- Safeguarding adherence to policy, process, and procedure, and driving process improvement to achieve operational objectives.
- Revising and developing processes to strengthen the current Security Operations Framework, reviewing policies and highlighting the challenges in managing SLAs.
- Responsible for the overall use of resources and the initiation of corrective actions where required for the Security Operations Center.
- Ensuring daily management, administration & maintenance of security devices to achieve operational effectiveness.
- Ensuring threat management, threat modelling, identifying threat vectors and developing use cases for security monitoring.
- Creation of reports, dashboards, metrics for SOC operations and presentation to ICT Management.
- Ensuring that standard and non-standard logs from different applications in the network are integrated with the SIEM solutions and central log management tools.
- Ensure all SOC toolsets, processes, people, and technologies are maintained and fully operational as per the SLA.
- Work with different units in the department to reduce cyber security risk.
- Perform scheduled and ad-hoc security assessments across the Bank's systems and networks, ethically, to identify loopholes and devise remediation actions, acting as part of the red team and assisting the cyber security blue team in the resolution of identified flaws. Security assessments include, but are not limited to, penetration testing, cracking and ethical hacking.
- The SMIS, HISG, DICT, and Bank Management may assign other responsibilities as needed.
Experience, Knowledge and Skills Requirements
- Bachelor’s Degree in Computer Systems, Technology, or any other equivalent and relevant qualification from an accredited institution.
- Minimum of 5 years in ICT Security in a leadership role, with experience building long-term career development plans for team members at all levels.
- At least one ICT Security professional certification, such as CSA, CISA, CISM, CISSP or CEH.
- Exceptional operational rigour with extensive real-world experience in ITIL, ISMS, NIST methodologies and frameworks for IT security operations.
- Experience in designing, implementing, and measuring relevant security and technology management critical success factors, key performance indicators, and metrics.
- Experience in implementing and managing SIEM solutions.
- Experience in working in a deadline-oriented incident management environment, managing multiple issues simultaneously.
- Experience handling technical interactions with vendors, contractors, and other stakeholders.
- Experience in operating big data forensic technologies.