Purpose
Manage the delivery of supplier-provided Security Operations services to agreed service level standards. Oversee day-to-day information security operations, including monitoring, analysis, detection and escalation of information security risks and threats.
Accountabilities
- Manage the delivery of security services by the Managed Cybersecurity Services Provider.
- Serve as the key point of contact for information security operational management
- Review supplier-provided reports and ensure adherence to agreed SLAs
- Ensure effectiveness of security services provided by the managed services provider for detection, prevention, protection and remediation of security incidents
- Define incident response procedures and lead incident investigations and root cause analysis (RCA).
- Ensure implementation and maintenance of security tools like SIEM, EDR, Firewalls, NAC, CASB etc.
- Monitor threat intelligence feeds and ensure proactive defence measures
- Ensure the enforcement of information security controls to Etihad Engineering security standards, policies and regulatory requirements by the managed services provider.
- Provide support for information security investigation requests
- Ensure that the service provider applies security policies, requirements and controls to all supported platforms
- Ensure that the managed security services provider defines and documents security procedures and configurations
- Plan and conduct cybersecurity training, including targeted training for middle managers and executives
- Simulate phishing and social engineering attacks for behavioural training.
- Prepare regular KPI reports to senior leadership and ISMS Steering Committee
- Drive the Information Security Management System based on NESA, EASA Part-IS.
- Ensure compliance with relevant regulations such as GDPR, NESA, EASA Part-IS
- Support internal/external audits, regulatory inspections, and risk assessments
- Review and propose changes to security policies, standards, and procedures to align with various standards like NESA, EASA Part-IS, GDPR etc.
- Drive periodic cyber risk assessments and threat modelling exercises
- Manage the organization's risk register, drive remediation plans and track residual risks
- Coordinate with enterprise risk and business continuity teams for alignment
- Supervise SOC and ensure 24x7 monitoring, detection, and response to threats
- Drive periodic review of the Information Security Performance targets and recommend new targets to aim for a higher maturity level
- Participate in solution and infrastructure design reviews to ensure all security considerations are factored.
- Evaluate third-party products and cloud services from a security risk point of view.
- Review and approve security controls for new applications and migrations.
- Ensure periodic access reviews and compliance with segregation of duties.
- Approve access to privileged accounts and monitor privileged access management solutions.
High-pressure role where balancing multiple concurrent priorities is essential
Education, Experience and Competencies
- Graduate degree in Computer Science, Management Information Systems or equivalent; post-graduation (preferably in Information Technology or Computer Science) desirable
- Industry and domain certifications such as Certified Information Systems Security Professional (CISSP), Global Information Security Assurance Professional (GIAC), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC) or equivalent
- ITIL Foundation certificate in ITSM desirable
- 5 years minimum of experience in security operations, Security Operations Center and related supplier management
- Knowledge of industry best practice standards pertaining to Security Operations, Data Security, Forensic Analysis and Incident Management
- Knowledge of and experience with Information Security operations tools including SIEM, IDS/IPS, End-point security, IAM, Email Security, DLP required
- Understanding of ISO27001 and COBIT standards, international and local regulations pertaining to Information Security and data privacy
- Proficiency in industry standard Service Management Operations principles: Incident Management, Vulnerability Management, Change Management etc.
- Ability to manage execution of projects by security services providers and internal teams
- Good administrative skills with effectiveness in delivering modules and driving POCs
- Very good written and oral communication skills required