IT Security Operations Manager - IC

Responsibilities:

1. Develop, manage and improve operational practices including overseeing service delivery for all aspects of the managed security services provider.
2. Drive security monitoring and reporting improvements.
3. Manage budgets of IT Security Operations team.
4. Facilitate in developing security awareness material and trainings for staff.
5. Manage and mentor IT Security Operations staff.
6. Oversee the creation and maintenance of information security strategy and policy, lead security risk assessment efforts, and investigate information security incidents.
7. Ability to manage and handle multiple matters and reprioritization as required by operational and security needs.
8. Strong communication skills, both verbal and written.
9. Advise and collaborate with different divisions/departments on projects, business continuity and disaster recovery plans, and audit and compliance practices.
10. Lead and manage all aspects of the outsourced Security Operations Center including weekly and monthly reporting, health and operational metrics, and adherence to contractual SLAs.
11. Manage the annual budget and ability to forecast spend.
12. Revise and develop processes to strengthen the current Security Operations Framework, ensuring alignment with security controls.
13. Responsible for vendor management, understand the overall use of resources and initiate any corrective action where required for the SOC.
14. Responsible for integration of security tools and ensuring the right security logs are feeding the SIEM.
15. Ensure strong alignment with various vendors involved in threat detection, identification, and protection.
16. Drive the creation of reports, dashboards, metrics for SOC operations and presentation to leadership.
17. Liaise with both internal and external auditors providing evidence and managing any remediation.
18. Foster the use of security best practices across the SOC, team members within Global Information Security, business segments, and technology solution providers.
19. Ensure all operational processes, run books, and platform strategies are documented, exercised, and continually improved.
20. Provide an advisory role to IT and the business to specify pragmatic security requirements.
21. Participate in audits and help remediate the findings.
22. Provide oversight to all security product evaluations, IT/business unit projects, and security risk assessments.
23. Report to senior management concerning residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance.
24. Assist in the development of security architecture, security policies, principles, and standards.
25. Approve exception-based security requests.
26. Maintain up-to-date understanding of the latest threats, vulnerabilities, mitigation, and industry best practices.
27. Provide inputs to develop security awareness material and conduct security awareness training to staff.
28. Contribute to maintain and update IT Risk Register.
29. Assist the Data Protection Officer in enforcing data privacy requirements for IT systems.
30. Define, develop, and manage an effective and proactive cybersecurity incident response capability using a combination of in-house, outsourced, and external resources.
31. Assist as necessary to investigate security breaches and pursue associated forensic analysis, disciplinary, and legal matters.
32. Work with internal audit, legal and compliance, and outside consultants as appropriate on required security audits.
33. Assist with disaster recovery activities.
34. Participate and contribute in development and improvement of data governance and data classification principles.

1. Certification in information security disciplines such as CISM, CISA, or CISSP.
2. University graduate in IT.
3. 10 years within IT Security field and particularly in Security Operations in the last 5 years.
4. At least 3 years management experience.
5. Experience with common information security management frameworks, such as ISO 27001, CobiT, ITIL, PCI.
6. Experience with implementation of security technologies such as DLP, SIEM, IPS, Anti-Virus, PKI, and cloud security.
7. Experience with privacy legislation.
8. Able to present and communicate with senior stakeholders.