Purpose

Manage the delivery of supplier-provided Security Operations services to agreed service level standards. Oversee day-to-day information security operations, including monitoring, analysis, detection and escalation of Information security risks and threats

Accountabilities

• Manage the delivery of security services by the Managed Cybersecurity Services Provider.
• Ensure the effective implementation of information security policies, standards, and procedures across all relevant systems and services.
• Serve as the key point of contact for information security operational management
• Review supplier-provided reports and ensure adherence to agreed SLAs
• Ensure the effectiveness of security services provided by the managed services provider for the detection, prevention, protection, and remediation of security incidents
• Define incident response procedures and lead incident investigations, RCA.
• Ensure implementation and maintenance of security tools like SIEM, EDR, Firewalls, NAC, CASB, etc
• Monitor threat intelligence feeds and ensure proactive defense measures
• Ensure the enforcement of information security controls to Etihad Engineering security standards, policies, and regulatory requirements by the managed services provider.
• Provide support for information security investigation requests
• Ensure that the service provider applies security policies, requirements, and controls to all supported platforms
• Ensure that the managed security services provider defines and documents security procedures and configurations
• Plan and conduct Cybersecurity training, including targeted training for middle managers and executives
• Simulate phishing and social engineering attacks for behavioral training.
• Prepare regular KPI reports to senior leadership and ISMS Steering Committee
• Drive the Information Security Management System based on NESA, EASA Part-IS.
• Ensure compliance with relevant regulations such as GDPR, NESA, and EASA Part-IS
• Support Internal/external audits, regulatory inspections, and risk assessments
• Review, propose changes to security policies, standards, and procedures to align with various standards like NESA, EASA Part-IS, GDPR, etc
• Drive periodic cyber risk assessments and threat modelling exercises
• Manager organization's risk register, drive remediation plans, and track residual risks
• Coordinate with enterprise risk and business continuity teams for alignment
• Supervise SOC and ensure 24x7 monitoring, detection, and response to threats
• Drive periodic review of the Information Security Performance targets and recommend new targets to aim higher maturity level
• Participate in solution and infrastructure design reviews to ensure all security considerations are factored.
• Evaluate third-party products and cloud services from a security risk point of view.
• Review and approve security controls for new applications, migrations.
• Ensure periodic access reviews and compliance with segregation of duties.
• Approve access to privileged accounts and monitor privileged access management solutions.
• High-pressure role where balancing multiple concurrent priorities is essential

Education, Experience, and Competencies

• Graduate degree in Computer Science, Management Information Systems, or equivalent. Post-graduation (preferably in Information Technology or Computer Science) is desirable
• Industry and domain certifications such as Certified Information Systems Security Professional (CISSP), Global Information Security Assurance Professional (GIAC), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), or equivalent
• ITIL Foundation certificate in ITSM desirable
• 5 years minimum of experience in security operations, Security Operations Center, and related supplier management
• Knowledge of industry best practice standards about Security Operations, Data Security, Forensic Analysis, and Incident Management
• Knowledge of and experience with Information Security operations tools, including SIEM, IDS/IPS, End-point security, IAM, Email Security, DLP required
• Understanding of ISO27001 and COBIT standards, international and local regulations about Information Security and data privacy
• Proficiency in industry standard Service Management Operations principles: Incident Management, Vulnerability Management, Change Management etc.
• Ability to manage the execution of projects by security services providers and internal teams
• Good administrative skills with effectiveness in delivering modules and driving POCs
• Very good written and oral communication skills required