Job Title: Head of Cyber Security Operations Center- Shift C (NAWAH)
Job Purpose
Lead the Cyber Security Operations Center (CSOC) shift operations, covering a rotating shift for 24x7x365 coverage. Lead the activities of CSOC professionals on technical issues and the implementation of CSOC standard operating procedure to ensure all components are functioning optimally
Key Activities, Responsibility & Accountability
Responsibilities and Accountabilities:
• Lead 24x7x365 CSOC team using the latest in monitoring and analytic technologies to identify and respond to threats effectively.
• Lead the establishment and maintenance of performance metrics to help measuring productivity and operational readiness.
• Manage and engage with the CSOC team in the integration and use of technology, in the development and implementation of Standard Operating procedures (SOP), and in the response to cyber threats and in the execution of the incident response plan.
• Manage situation awareness during normal operation and incidents to provide communications and promote understanding of cyber threats and vulnerability to relevant stakeholders.
• Coach and develop the staff and achieve the quality and timeline metrics (SLA/KPI).Responsibilities and Accountabilities:
• Act as the first point of escalation when an event is escalated into a potential threat or incident and, provide communication exchange and knowledge transfer with other CSOC teams, internal and external stakeholder.
• Administer CSOC Standard Operating Procedure (SOP), Incident Response Plan (IRP) and review their application to ensure the control’s, SOP, and IRP are operating effectively and efficiently.
• Engage and provide management oversight for the identification, triage, and response of events or incidents of apparent security breaches.
• Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives.
• Collect and maintain data needed to meet security reporting to CSOC Manager.
• Maintain processes and procedures associated with security monitoring and response use cases to address and respond to potential security incidents and promote timely escalation and incident coordination.
• Support the configuration of existing tools and evaluate existing rules, filters, events and use cases to analyze security event data, detect suspicious activity, and alert on potential security incidents.
• Drive collaboration efforts between the CSOC and counterparts to maximize effectiveness of detection efforts and knowledge of the local cyber security landscape.Provide input into the development of the Department’s systems and processes, as well develop and implement the Section’s procedures, identifying opportunities for the continuous improvement of practices to increase productivity and operational efficiency.
• Monitor, control and report Operational and financial Key Performance Indicators (KPIs) related to the Section, to track performance and recommend corrective or mitigating actions.
• Ensure that all relative reports are prepared timely and accurately, to meet Section’s requirements and standards
Responsibilities & Accountabilities (contd.)
Professional Certifications
Qualifications
Bachelor’s Degree
Pref -
Master degree in Information or Cyber Security.
Experience
7 years of relevant experience or equivalent as stated in the Job.
Pref -
4+ years of technology experience, including troubleshooting and performing root cause analysis of ICT solutions.
3+ years of demonstrated experience managing incident security response team.
