Security Operations Manager

Synopsis

The role is subject matter expert in cybersecurity operations team responsible for specific operations security services defined as part of the security operations service catalogue and delivered by the Managed Security Services provider and in-house. The Security Operations Manager manages the technical delivery of supplier provided Security Operations services to agreed service levels and standards. This role has a specific focus on Security Operations Centre services. Additionally, the role is part of the Security Operations team more generally and oversees the day-to-day information security operations, including monitoring, analysis, detection and escalation of Information security risks and threats.

Accountabilities

• Manage the technical delivery of security services by the managed security services providers. Specifically:
• Security Operations Centre
• Incident response
• Serve as the key point of contact for information security operational requests.
• Review supplier provided reports and ensure adherence to agreed SLAs.
• Ensure effectiveness of security services provided by the managed services provider for detection, prevention, protection and remediation of security incidents.
• May be required to work as part of the incident response team on a 24x7x365 on an exceptional basis.
• Ensure the enforcement of information security controls to Etihad security standards, policies and regulatory requirements by the managed services provider.
• Provide support for information security investigation requests.
• Report status of information security situational awareness as requested.
• Ensure that the service provider applies security policies, requirements and controls to all supported platforms.
• Manage security services providers, to define and document security procedures and configurations.
• Internal stakeholder management, providing information up to Head of Cybersecurity and Head of Technical Systems on escalations and resolution progress; respond to stakeholder queries on information security operations.
• External stakeholder management, account Managers of managed service providers and suppliers and delivery personnel of managed service providers and suppliers.

Education & Experience

• Deep knowledge and experience of Secure Services Edge (SSE) technologies and Processes.
• A minimum of 7-10 years of experience in Cybersecurity. CISSP certification
• Knowledge of and experience with Security Operations Centre environment
• Understanding of ISO27001 , NIST , UAE Govt Cybersecurity standards, international and local regulations pertaining to Information Security and data privacy.
• Proficiency in industry standard Service Management Operations principles: Incident Management, Vulnerability Management, Change Management etc.
• Ability to manage execution of projects by security services providers and internal teams.
• Very good written and oral communication skills required.
• Graduate degree in Computer Science, Management Information Systems or equivalent industry experience.
• Industry and domain certifications such as Certified Information Systems Security Professional (CISSP), Global Information Security Assurance Professional (GIAC) , Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC) or equivalent
  
  

About Etihad Airways

Etihad Airways, the national airline of the UAE, was formed in 2003 and quickly went on to become one of the world’s leading airlines. From its home in Abu Dhabi, Etihad flies to passenger and cargo destinations in the Middle East, Africa, Europe, Asia, Australia and North America. Together with Etihad’s codeshare partners, Etihad’s network offers access to hundreds of international destinations. In recent years, Etihad has received numerous awards for its superior service and products, cargo offering, loyalty programme and more. All this ties into Etihad’s ambitious Journey 2030 strategy. The airline plans to double its fleet size and triple the number of customers over the next six years as it sets out to be the airline everyone wants to fly!

To learn more, visit etihad.com

Recruitment Fraud Alert

Beware of fraudulent job offers from individuals or organizations claiming to represent the Etihad group. We will never ask for personal information, bank details, or payment during the recruitment process. Interviews are conducted face-to-face or via video/telephone before any formal offer. If you are asked for money, please treat it as fraudulent and contact [email protected]