WHAT TO EXPECT
This role is to help develop and support the Cyber SOC strategy by running the day-to-day internal and external SOC functions. You will be required to deliver operational support as well as new best-in-class technical solutions under project governance.
Key accountabilities and responsibilities:
* Work with the Global Head of Cyber Security to develop the Cyber SOC strategy, future vision and execution plan.
* Plan, direct and control the SOC functions and operations.
* Ensure the monitoring and analysis of incidents to protect People, Technology and Process, addressing all security incidents and ensuring timely escalation.
* Coordinating and cooperating with externally sourced security service providers.
* Directing security event monitoring, management and response and cyber threat.
* Ensuring incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
* Ensuring compliance with policy, process and procedure, and process improvisation to achieve operational objectives.
* Revising and developing processes to strengthen the current Security Operations Framework, reviewing policies and highlighting the challenges in managing SLAs.
* Responsible for overall use of resources and initiation of corrective action where required for Security Operations Centre.
* Ensuring daily management, administration and maintenance of security devices to achieve operational effectiveness.
* Creation of reports, dashboards, metrics for SOC operations to senior management and CISO.
* Drive thorough Incident Investigations to ensure that Root Cause Analysis & Lessons Learned are conducted, documented and implemented, and that speedy but safe Return to Operation controls are implemented.
* Co-ordinate with stakeholders; build and maintain positive working relationships with key stakeholders including Data Privacy, Audit, Risk and Compliance, IT, Corporate Security.
* Risk Governance.
* Expected to fill in for the Global Head of Cyber Security Operations as and when required.
* A key responsibility of this role is to support critical business requirements, such as cyber incidents. Depending on the nature of the business need, this may occasionally require working unsociable hours to deliver the appropriate level of support.
* Ensure effective team building, culture and mentorship to support a SOC function.
WHAT YOU'LL NEED
* Previous experience working within and leading a SOC function at scale at a senior / management level.
* Experience in hiring and building a team.
* Experience in building a team and overcoming cultural and educational challenges.
* Excellent understanding & experience of management of Cyber Information Security Incidents, Risk & Vulnerabilities.
* Proven experience in Security Incident Handling, Vulnerability Management and Threat Hunting.
* Previous experience with security platforms including IAM, DLP, SIEM, WAF, EEP, EDR, DAM.
* Able to work under pressure and to tight deadlines, reacting accordingly & professionally to Security Issues.
* Background and previous experience of IT security controls.
* Significant experience of working and influencing cross-functionally and managing external agencies.
* Experience of relationship management of senior stakeholders.
* Strong IT skills, able to analyse data for reporting purposes and follow work instructions.
* Qualifications in Security Management such as CISSP / CISM or other Security qualifications.
* An end-to-end understanding of NIST, the MITRE ATT&CK framework and the 7-stage Cyber Kill Chain.
* Flexibility to be able to work occasional unsociable hours to support critical business requirements (i.e. cyber incidents or infrastructure outages and upgrades).