Manager - SOC Monitoring (CPX)

Overview:

• To lead the SOC team and cybersecurity professionals within the SSBU.
• Provide leadership to the team, ensuring everyone is trained, motivated, and effectively working together. 
• Establish SOC performance goals and priorities, lead incident response efforts, and serve as POC for all security incidents.
• Ability to handle high-pressure and complex situations.
• Analyze complex data to identify vulnerabilities and potential threats and provide reports timeously. 

Responsibilities:

• Ensure the SOC operations focus on achieving the SOC vision, mission, objectives, and goals.
• Advise appropriate senior management or authorizing changes affecting the organization's information and cyber security posture.
• Collect and maintain data needed to meet security reporting to management. Assist in preparing the annual budget for Security operations.
• Ensure that information and cyber security requirements are integrated into that system’s continuity plans and, or organization.
• Facilitate the security operations data required for information security risk assessments during the Security Assessment and Authorization (SA&A) process.
• Participate in developing or modifying the SOC program, plans, and requirements.
• Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the organization’s information system(s) security operations.
• Oversee SOC delivery and resource management. Manage the rotation of resources in the SOC and regularly prepare the shift roster.
• Responsible for the recovery and forensic investigation of incidents.
• Ensure the compliance of SOC to the SLA, organization policies, and other regulatory requirements. Identify and report any deviations in the defined SOC process.
• Design, build, implement, and maintain a knowledge management system that provides the SOC section with adequate information to operate the SOC.
• Ensure the Incident resolution and false positives knowledge base is updated continuously.
• Led the Incident response team, coordinated and drove the Incident recovery activities with internal and external parties.
• Ensure the overall quality of the SOC operations. Regularly track the timeline compliance of the SOC activities.
• Regularly review the processes, procedures, and activities the SOC team follows and propose changes if there is a scope for improvement.
• Develop and evaluate metrics to measure the performance of the SOC team. Provide suggestions to add/remove event sources under monitoring scope.
• Co-ordinate with CPX internal teams in performing the incident drill.
• Submit incident drill summary report to management and propose changes in the process if necessary.
• Oversee incident response planning and handling, as well as the investigation of security breaches, and provide prevention and recovery progress to management.
• Periodically measures the performance of the SOC and reports the results to the management.
• Evaluate new technologies and tactical process that helps to optimize or improve the SOC operations.
• Mentor the SOC section with the latest security trends, threat detection, and analysis techniques, etc., via internal training, external training, classroom training, and team meetings.

Qualifications:

• A Bachelor’s Degree in Computer Science or Information Technology (Any area).
• Overall 10+ years’ experience working in a large-scale IT environment focusing on Information Security.
• Minimum five years experience in Information and Cyber Security.
• Minimum three years experience in Information and Cyber Security Incident.
• Minimum three years experience in managing a SOC team.
• Minimum three years experience with SIEM technologies.
• ISC2 Certified Information Systems Security Professional (CISSP) and/or
• GIAC Certification