SOC Manager

Job type: full-time
Experience: 0-1 years
Salary: not specified
Location: Egypt

Job Purpose:

  • Responsible for leading the Security Operations Center team in monitoring, detecting, responding to, and mitigating cybersecurity threats.


Job Responsibilities:

  • Oversee daily monitoring of security events and coordinate the triage, analysis, escalation, and resolution of security incidents.
  • Ensure proper incident documentation, reporting, and post-incident review.
  • Maintain and optimize SOC playbooks, runbooks, and standard operating procedures (SOPs).
  • Lead incident response efforts and coordinate with internal stakeholders and external vendors/law enforcement when necessary.
  • Oversee threat hunting and proactive detection initiatives to uncover undetected threats.
  • Maintain and enhance threat intelligence capabilities and integrate threat intelligence into SOC operations.
  • Ensure optimal configuration and tuning of security tools such as SIEM, EDR, IDS/IPS, SOAR, and threat intelligence platforms.
  • Collaborate with IT and security engineering teams to ensure logging, visibility, and alerting are comprehensive and effective.
  • Evaluate and recommend new security technologies and processes for continuous SOC improvement.
  • Ensure SOC operations adhere to relevant compliance standards (e.g., ISO 27001, NIST, GDPR, HIPAA).
  • Prepare audit reports, metrics, and dashboards for leadership and compliance teams.
  • Lead internal and external security assessments related to monitoring and incident response.
  • Train and mentor SOC staff to enhance technical and operational skills.
  • Develop training programs and run tabletop exercises to strengthen team capabilities.
  • Foster a collaborative, high-performing, and responsive security culture.
  • Ensure the confidentiality, integrity, and availability of the organization’s information systems by overseeing day-to-day operations, incident response activities, threat intelligence analysis, and continuous improvement of SOC processes and technologies.


Job Qualifications:

  • Bachelor's degree in any relevant field
  • 7-10 Years of experience
  • CISSP, CISM, GIAC (e.g., GCIA, GCIH), or other relevant security certifications.
  • Strong understanding of security operations, threat landscapes, and incident response.
  • Hands-on experience with SIEM (e.g., Splunk, QRadar, Microsoft Sentinel), EDR, and SOAR platforms.
  • Familiarity with the MITRE ATT&CK framework, threat intelligence platforms, and the cyber kill chain.
  • Excellent leadership, team management, and interpersonal communication skills.
  • Ability to work under pressure and manage multiple incidents or projects simultaneously.
  • Strong analytical and problem-solving capabilities.