Security Operations Lead

The Security Operations Lead will primarily be responsible for coordinating the SOC team regarding day-to-day operations and ensure Security operations services are duly delivered.

He/she is to be involved in daily monitoring activities, be the escalation point of the SOC Analysts for any identified potential anomalies and will perform in-depth investigation into the matters and report the findings to the VP Security Operations. In the event of a security incident, he/she will be part of the incident response team to perform investigation, containment, remediation, recovery and provide input to the root cause analysis and lesson learned report.

Responsibilities:

• The Security Operations Lead will be involved in resource planning and allocation related to SOC operation.
• Lead and support continuous improvement of the SOC such as but not limited to Security Monitoring, threat hunting, rule base review, monthly cadence with service providers, vendor management, and Security projects implementation
• Handle security incident response for all potential and actual incidents together with the Incident Response Team and/or Crisis Management Team, including conducting post-incident reviews and developing corrective action plans, orchestrating cyber security exercises such as tabletop, disaster recovery, etc
• Ensure proper communication as well as adequate actions are performed during incident management to all stakeholders
• Collaborate with other functions such as Security Engineering, Assurance & Audit and Risk & Compliance to ensure security tools implementation, security reporting as well as manage risk matters adequately.
• Develop and maintain the SOC's standard operating procedures for monitoring, analyzing, and responding to security events and incidents
• Continuously monitor and provide regular reports to management on the status of the SOC's operations, security events, security incidents, and security posture to identify and assess potential security risks, and develop mitigating controls and solutions.

Requirements:

• Diploma or degree in Computer Science, Information Systems or equivalent related degree, Any IT Security related certifications (CISSP, CISA etc) is a plus.
• At least 5 years of relevant experience in Information Security & Cyber security roles
• Ability to lead a team of SOC analysts, prior team lead or team management experience is preferred
• Broad knowledge in infrastructure, information and application security and related topics (i.e. DMZ, PKI, SSL, multi-factor authentication, cryptography and secure communications, Security tools such as SIEM, SOAR, IPS, WAF, EDR/XDR, incident response and digital forensic).
• Experience with threat and vulnerability management and system security monitoring
• Familiarity with security regulatory frameworks, such as NIST Cybersecurity Framework, MiTRE Att@ck Framework, Cyber Kill Chain, ISO27001, PCI DSS, CIS Critical Security Controls and/or MAS TRM.
• Knowledge of current security events and a demonstrated passion to stay informed of best practices & trends within the industry