Cyber Security Operation Manager
Tabadul
Total experience: 13 years, 9 months
• Built cyber defense capabilities, including security operations, active defense, and threat intelligence centers
• Lead and drive the achievement of the Cybersecurity Department strategy, objectives and KPIs within the accountabilities of the department
• Guide, mentor and develop the cybersecurity operations team as part of their continuous development
• Develop cybersecurity incident response plans, playbooks and escalation procedures
• Lead the cybersecurity function and ensure compliance with all cybersecurity regulations such as NCA ECC, CSCC and ISO
• Leading cybersecurity incident response engagements covering incident handling and coordination, in-depth technical analysis, and investigation through to
• Describe the current security solutions architecture for enhancements or different approaches
• Provide input and suggestions for improving and enhancing information security policies, procedures and security controls, and prepare / update documents
• Implement and maintain corporate security policies and procedures
• Conduct vulnerability assessments and oversee the findings through mitigation or closure
• Develop regular reports on work progress and outputs to be shared with relevant stakeholders in line with reporting requirements
• Work with other teams to design, develop and provide identity and access management solutions
• Oversee the collection and analysis of threat intelligence from a variety of sources
• Assess the effectiveness of cybersecurity controls
• Manage cybersecurity department budgeting cycle and provide input to the budgeting process
• Ensure effective utilization of cybersecurity budget and report accurately on progress made and challenges encountered
• Lead and manage the Security Operations Center for 24/7 monitoring services.
• Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
• Ensure compliance with SLAs, process adherence and process improvement.
• Lead SOC analysts during incident response actions, and advise and coordinate with leadership during active incidents.
• Revise and develop processes to strengthen the current Security Operations Framework, review policies and highlight the challenges in managing SLAs.
• Responsible for team management, overall use of resources and initiation of corrective action where required for the Security Operations Center.
• Management, administration and maintenance of security devices within security monitoring.
• Perform threat management and threat modelling, identify threat vectors and develop use cases for security monitoring.
• Responsible for integration of standard and non-standard logs in the SIEM.
• Creation of reports, dashboards and metrics for SOC operations.
• Coordinate with stakeholders, and build and maintain positive working relationships with them.
• Implement standards and procedures to ensure alerts are addressed with relevance, accuracy and in a timely manner.
• Define protocols and mature 'playbooks' for operational response to cyber threats.
Security analysis, scanning and assessment of information security risks, threats and vulnerabilities; monitoring the Security Information and Event Management (SIEM) system; defining security standards and incident response; developing security policies and procedures; configuration and administration of security systems and tools; malware analysis; antivirus; application control / whitelisting; device control; SIEM solutions; Data Loss Prevention (DLP); risk assessment and risk management