Global Cybersecurity / SOC Manager

Global Cybersecurity / SOC Manager FINCA Impact Finance , Pakistan The Global Cybersecurity/SOC Manager will play a key role in maintaining and continuously improving FINCA`s cybersecurity, monitoring and control framework, ensuring that effective security risk, threat, vulnerability and incident management practices are incorporated into IT and business practices within their FIF and subsidiaries.Developing and facilitating security logs and incident management, analytics and reporting capacities is a primary focus of the position. Working closely with global, regional and local Information Security and IT resources to design, test, implement effective security controls is another key responsibility of the position.AccountabilitiesCommunicate and collaborate with internal clients to contribute to security direction, and provide influence and technical guidance on current and future technical security directionsAct as a cybersecurity subject matter expert throughout projects lifecycle, including functional requirements, design specifications, testing and quality assurance, implementation and supportProvide input to the annual Information Security budget cycleEnsuring that security requirements are identified early on and are being incorporated into all projects/applications:Investigate, recommend, evaluate, deploy and integrate security tools and techniques to improve our ability to protect corporate assets and infrastructureDevelop and maintain documentation of relevant IT systems and security controlsAssess and capture security requirements within context of enterprise application architectureEnsure that application development and deployment meet FINCA security standardsProvides security input to design and application architectural reviewsReport on risks, risk mitigations, and residual business risksDevelop comprehensive and accurate reports and presentations for both technical and executive audiencesDevelop recommendations for improvementsMonitor appropriate sources for newly identified threats and vulnerabilitiesEffectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counselRecognize and safely utilize attacker tools, tactics, and proceduresDevelop methodologies to enhance red teaming processesAssist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staffExecute and/or lead (when required) red team assessments to highlight gaps impacting organization security postureResearching new/emerging security threats, vulnerabilities and exploit techniquesResponding to new attack surfaces and help implement new requirements as neededDevelop, manage, and maintain security testing industry frameworks and best practices: Cloud Security Alliance (CSA), NIST, SANS, CISPartner with Global Information Security and Business Continuity team members across the network to drive secure outcomes based on industry best practicesPlay a key role in Global Cybersecurity Team on developing threat modeling and new detection techniques, based on trending attack surfacesProvide support to business digital projects through entire project lifecycle (threat modeling, requirements definition, verification and validation)Job SpecificationQualificationsBachelor's Degree in a technical discipline or equivalent work experienceCertifications are not required, but will be considered in the evaluation process. Applicable certifications include: SANS, Splunk, CISSPKnowledge of security and control frameworks (such as ISO 27001, CobiT, NIST)Security certifications (CISSP, GIAC, CEH, CISM, OSCP) will be an assetExperienceMinimum 4-6 years of experience in a Security Manager/Analyst Role;Experience in a financial institution will be considered as a plus;Experience working in a large international organization or network will be considered as a plus;Experience with IT security assessmentsExperience with common assessment tools (examples Qualys, Tenable, Rapid7)Experience communicating assessment results to audiences with diverse technical proficiencyExperience constructively articulating business impact of vulnerabilities to various stakeholdersExperience with correlating and analyzing logs and events from various sources (e.g. Vulnerability Scanning, Virus Protection, SIEM)Experience with producing and customizing security queries, reports and dashboards from various sources (e.g. Vulnerability Scanning, SIEM, Virus Protection)Experience conducting application security reviews preferredExperience with scripting languages desiredKnowledge and SkillsAble to explain and deliver technical solutions in a practical wayAble to manage simultaneously multiple projects involving various stakeholders and to deliver results within deadlinesWork well in a team environment including cross-functional and cross-organizational teams maintaining composure in difficult situations with a professional attitude and ownership mindsetExcellent communication (oral and written) and interpersonal skillsProven ability to delegate and to empower teamsAbility to be a strongly credible ambassador for the FIF brand, including making presentations, and able to establish respect and credibility with media outletsStrong skills in analysis, problem-solving, and resolving disputesStrong technical reporting skillsHigh degree of initiative and ability to work with little supervisionKnowledge of Windows, Linux, and Unix operating systems. Hands-on experience a plusHigh level of personal integrity, and the ability to professionally handle confidential matters with appropriate judgment and maturityPenetration testing skills are considered a plusEager to learn and expand cybersecurity knowledgeLanguage SkillsFluency in EnglishFluency in other FINCA working languages, such as Spanish, French, or Russian is a plusAvailability to travel up to 50% of the timeIf you are interested, please apply now.

#J-18808-Ljbffr IT & Technology, Other