JOB PURPOSE :
Provide oversight of the team's security analysis activities and ensure effective resolution within the SLA.
Comprehensive knowledge of managing Tier 1-2 SOC 24x7 shift models, run/play books and hand-over procedures.
Should a security incident occur in the organisation, efficiently orchestrate analysts to respond.
Ability to coordinate, work with and gain the trust of stakeholders, technical resources and various technical teams.
Lead and manage security incidents from identification through remediation.
Contribute to the development of the SOC Runbook to ensure that SA stay current and effective.
Deliver assessments to management and recommend the course of action to be undertaken.
Understand the threat landscape and improve the effectiveness of the security devices as required.
Experience within a Computer Security Incident Response Team (CSIRT) or comprehensive knowledge of mitigating procedures for addressing threat vectors including Advanced Persistent Threat (APT), Distributed Denial of Service (DDoS), phishing, malicious payloads and malware.
Help to analyze findings or security alerts in investigative matters, and develop fact-based reports of events over a period of time.
Experience with proactive threat hunting techniques and concepts in an enterprise environment.
Ability to communicate effectively with business representatives in explaining impacts and strategies, and where necessary
KEY ACCOUNTABILITIES & OUTCOMES :
Principal Accountabilities :
Ensure the SOC is able to perform network security monitoring, security event detection, analysis and escalation.
Ensure SOC day-to-day operations comply with the existing SLA and KPIs.
Advise the SOC in providing recommendations to reduce or mitigate security risks.
Assist the Section Head in improving the SOC's technology, process and people to achieve greater effectiveness and efficiency.
Supporting Activities :
Monitor and ensure that security events escalated by the SOC are resolved in a timely manner within the stated SLA and KPIs.
Provide trending reports on security events detected by the SOC.
Recommend measures to contain attacks, including, where required, implementing blocking measures.
Provide recommendations for technology and process improvement.
Outcome/ deliverables :
SOC performance targets are met based on SLA/KPIs.
Practical recommendations to reduce or mitigate security risk within the required timeline.
Management reports for the security events detected and escalated.
Technical reports as and when required by stakeholders.
Ticket escalations with recommendations on how to mitigate the attack.
Qualification
Possess a professional qualification with a recognised Master's degree or Bachelor's degree in Computer Science, IT or a related discipline.
Minimum 5 years of IT security related working experience in the Financial Services Industry (FSI); 10 years or more of total experience.
At least 3 years of (direct or indirect) leadership or managerial experience.
Professional certifications such as CISSP, ITIL, COBIT, CISM, Six Sigma, CISA, CRISC and ISO 27001 Lead Auditor/Implementer, or other related professional IT certifications, will be an added advantage.
JOB SPECIFIC SKILLS & COMPETENCIES REQUIRED :
Competencies
Proven ability in security process and enterprise-level security solution design, with implementation and management experience on security solutions.
Ability to develop and guide the team to achieve high levels of performance.
Highly self-motivated and self-directed.
Experienced, energetic, engaging and visionary leader with sound knowledge of business management and a working knowledge of information security technologies to support the enterprise mission.
Knowledgeable leader able to provide vision, strategy, broad-based planning and hands-on responsibility.
Ability to act calmly and competently in high-pressure, high-stress situations.
Strong presentation skills with a proven ability to successfully interface with and influence at all levels (management, executive, technical staff and end users).
Excellent written and verbal communication skills with an emphasis on confidentiality, tact and diplomacy.