Provide management oversight for the identification, triage and response of events or incidents of apparent security breaches to maintain the security posture
Conduct Security event analysis reporting on activities through regular scheduled reporting and communications in order to highlight the main incidents and events
Identify and handle incidents, which need special attention or escalation to secure the overall bank's security and mitigate potential risks
Direct the creation and maintenance of incident response run books of the Analysts team run-books
Act as a lead throughout incident scenarios and provide subject matter expertise in cybersecurity incident response to facilitate the investigation and root cause analysis
Ensure proper reporting for daily, monthly, quarterly and annual security posture, SOC and executive reporting and dashboards
Recommend security solutions based on security postures and gaps identified
Manage communication with other departments to facilitate investigation process
Develop and update SLA between SOC and other departments when required and maintain SLA
Participate in the formulation and implementation of the Security Operations Center Department strategy to ensure the alignment
Participate and recommend improvements to policies, processes and procedures and manage their implementation to ensure all relevant procedural/legislative requirements are carried out
Supervise the day to day operations of the Incident Management & Response team providing some guidance in the related area, encouraging teamwork and facilitating related professional work processes in order to achieve high performance standards
Supervise the activities and work of subordinates to ensure that all work within a specific area is carried out in an efficient manner and in compliance with the set policies, processes and procedures
Requirements
Bachelor's degree of Engineering, Computer Science or equivalent
Minimum 8 - 10 years of experience in IT Security or related fields
Strong understanding of incident handling procedures
Experience with packet and log analysis using commercial and open source tools
Recommended Certifications:
Certified Information Systems Security Professional (CISSP)
