Manager - SOC Advisory

Job Purpose

To assist in leading the SOC Advisory team and cybersecurity professionals within the SSBU.

Help Establishing the performance goals and priorities, assist other internal teams with Advisory related tasks when required. Prepare presentations and knowledge transfer sessions to internal teams and customers.

Ability to handle high-pressure and complex situations.

Job Responsibilities

Key Focus Areas (up to 7)

Key Activities

Key Responsibilities

• While serving as a Project Lead or Task Lead, oversee and direct work of staff and junior level consultants who are assigned to the project activity
• Proactively identify and apply opportunities for continuous process improvement, including application of industry best practices and methodology/reporting process automation in assigned tasks
• Provide relevant cybersecurity and IT security subject matter advice, findings, and recommendations to the project lead and end customers for technical cybersecurity issues
• Assess the present maturity of client’s cyber security operations and product security programs in relation to best practices for governance, strategy, process, architecture, and metrics.
• Conduct cybersecurity program maturity evaluations across various domain, and subdomains security areas to determine the client's present state maturity and suggested future state.
• Draft secure product configuration standards for the installation, operation and decline of customer-specific, customer-friendly IOT devices and services.
• Coordinate and draft cybersecurity operations baselines, Target models, Gap Assessments and/or Roadmaps. Developing creative, logical solutions and assisting in the presentation of findings and recommendations to clients
• Performing assignments both autonomously and as part of a team
• Performing risk assessments in regards to various technology / compliance standards
• Assisting with cybersecurity and technology assessment projects
• Meeting deadlines and proactively communicating with project team members
• Interacting with clients on a regular basis for various process and technology related projects
• Create and establish rapport with clients and stakeholders. Perform as a subject matter expert (SME) in strategy conversations with c-level panels to provide exceptional IT/OT/Cloud/Physical security, compliance, regulations, and industry best practices that promote the overall mission and vision of the organization.
• Maintain a good understanding of security trends and methods for pinpointing cyber and physical security solutions that fit the client's business, financial, and technological objectives.
• Identify, build, and create cyber solutions to address security issues, perform security operations content reviews, draw conclusions, and develop strategic guidance.
• Assess and develop the current security operation effectiveness by reviewing operating procedures, workflows, policies, frameworks, and operational reporting.
• Consistently contribute towards industry-specific offerings/professional security forums/internal departmental blogs/publications/develop thought leadership.
• Contribute to the proposal process for SOC Advisory services while collaborating with other internal group members to solidify the sales pitch approach.
  
  

Characteristics

• Exceptional planning, organizational, and presentation skills.
• Ability to handle high levels of stress.
• Strong people management skills with great attention to detail.
• Good communication/interpersonal skills, with the ability to influence decision-making.
• Resilient, able to work independently and effectively under pressure, manage diverse and competing workloads ensuring deadlines are met.
• Strong understanding of the overall vision, mission, and key objectives of the organization.
  
  

Experience And Skills

• Experience in team management
• Experience in pre-sales/sales related activity
• Experience in understanding complex activities and relationships quickly, assessing business and delivery risks, and communicate them effectively.
• 10+ years of extensive IT Security / IT Consultancy/client-facing roles related to SOC/Security operations projects (Cybersecurity Managers, IT Security Engineers, Security Analysts, Senior/Principal Security Analysts)
• Experience in SOC strategy, roadmap and documentation development, adapted to client organization (Services catalogue, Security Incident Response management plan, playbooks)
• Possess the ability to support the vision and mission of any organization's security program.
• Retained proficiency in delivering high-quality and high-level strategic and advisory services.
• Possesses certifications related to enterprise information security frameworks and/or compliance, regulation-type frameworks.
• Experience in implementation/audit of NIST, MITRE ATT&CK/Defend and similar Cybersecurity Frameworks and Standards
• Experience in implementation/audit of US, EU, UAE privacy related frameworks/standards
  
  

AOR (Any Other Responsibilities)

• Any other responsibilities as required by the Line Manager
  
  

Job Specifications

Skills/Certifications (Technical & Non-Technical)

• Agile PM
• PMP
• CISSP, CISM, CISA, GIAC SOC and Cybersecurity vendor related certificates
• ISO9001:2015 Lead Auditor
• ISO27001 Lead Implementor/Auditor
• Cloud security experience
• OT security experience
• Team leadership in large/complex environments
  
  

Minimum Work Experience

Overall 10+ years’ experience working in a large-scale IT environment focusing on Information Security.

• Minimum teight years experience in Information and Cyber Security.
• Minimum three years experience in Information and Cyber Security Incident.
• Minimum three years experience in managing a SOC team.
• Minimum six years experience with SIEM/log management technologies
  
  

Education

Bachelor of Business, IT/Software Engineering or Computer Science.