Role: Senior IT Security Operations Officer (UAE Nationals Only)
Location: Abu Dhabi
Role Purpose
Manage and Maintain Security devices, Tools / Products implemented at Bank for day-to-day tasks
Implement security policies, protocols and procedures
Regular monitoring of Security Logs and Events for IT Security devices to review security events and alerts and proactively detect actual or potential attacks on the bank network
Provide administrative, organizational, and technical support that assists the Manager IT SECURITY OPERATIONS to accomplish department tasks and act as the backup in the Manager's absence
Incident response: Respond to attack attempts & contain incidents
Follow the security hardening baselines / guidelines and generate reports as required
On-call availability for critical alert(s) / issue(s) reported by Command Center after working hours, on weekends and public holidays, and proper escalation to Manager - IT SECURITY OPERATIONS
Ensure compliance to published policies and procedures defined by ITD Governance, GISD etc., by performing according to what has been documented
Ensure accurate and timely status reporting and other related documentation to management
Ensure a satisfactory department audit with no high-risk findings against the department. Any finding is to be resolved within the agreed time (with Audit and Management)
Key Accountabilities Of The Role
IT Security Operations Unit (20%)
Assist IT SECURITY OPERATIONS Manager in formulating tasks list for IT SECURITY OPERATIONS Unit in a manner that tasks are aligned with overall IT Division goals
Prepare Management Dashboards and reporting
Attend all team meetings and one-to-one meetings to maintain a high level of communication culture.
Timely response to email, tasks assigned and effective follow up with various stakeholders.
Ensure the team provides excellent support, which leads to user satisfaction.
IT Security and Device Management (30%)
Manage, maintain, and monitor Security Devices, Security Tools and Products implemented at bank
Ensure security of all bank public services hosted in the DMZ
Security configuration of perimeter devices according to the Best-Practices and vendor guidelines
Manage security device configuration change(s) as per bank standard Change Management Process
Perform security device health checks as per approved checklist(s)
Updating security devices with latest stable software and signature releases
Troubleshoot technical issues related to Security
Participate in POCs in coordination with the Security Projects delivery Team to evaluate and provide feedback for selection of the most suitable Security Solution for Bank IT Security requirements.
Security Events Monitoring, Incident Response & Support (10%)
Security Event Monitoring and Logging: Ensure that required logs from security devices and tools are configured to forward to SIEM.
Stay on call 24/7 for Command Center and SOC, and initiate response in case of any Security Incident
Incident Support: Provide Level 2 & 3 support for any security incident reported by Command Center/SOC and escalate as per escalation procedures / guidelines
Global Expansion (10%)
Fulfill the IT Security requirements for international expansion as conducted by bank Management.
Ensure availability of security services for international branches and provide BAU security operations support.
Information Security (10%)
Maintain information security related to bank, throughout the period of employment
As soon as possible, report any potential or actual risks or incidents affecting the security of information to the ITD Service Desk and to your Line Manager.
Documentation / Process Ownership (10%)
The incumbent is responsible to take ownership, maintain & update documented processes and / or documentation related to his job function
In the event where processes or documentation are shared, the incumbent shall coordinate with the owner of document about required changes or improvements
People & Attendance (10%)
Co-operate with team members in a cohesive and professional manner, proactively maintain good attendance habits, and maintain the reporting hierarchy in all matters.
The incumbent should adhere to working hours which might require working for extended hours depending on job nature and task assigned.
Specialist Skills / Technical Knowledge, Technical Competencies Required for this role:
Graduate in any field related to Information Technology / Computer Science.
Certification: Microsoft Azure Security/Architecture, Firewall, IPS, Email Gateways, WAF and/or other Security Certifications
Good knowledge of IT systems configuration and log analysis
Strong understanding of general security and networking concepts in corporate network environments
Strong understanding of well-known security technologies
Demonstrates a range of effective technical problem-solving techniques
Strong understanding of Cloud Security Posture management, ability to review and take actions
Good understanding of DevSecOps methodologies
Good understanding of Cloud native Security including Security in distributed Microservices architecture
Knowledge of Information Security systems, methodologies, and best practices.
Possess team building skills and must efficiently work with various stakeholders
Previous Experience
Total Number of Years: Minimum 10 Years IT Environment (Network Security & Cloud Security)
Minimum 8 years experience in similar banking or IT Organizations
Bachelor's degree in computer science, information systems, business administration, related field, or equivalent work experience