The candidate will oversee and coordinate the activities of Cyber Security personnel and implement security assessment and incident response protocols in the Liquid Intelligent Technologies Security Operations Center [SOC]. Candidates will coach personnel on technical issues and verify that they follow SOC policies to ensure all services are functioning optimally. They must establish and maintain metrics that help provide a high level of productivity, supportability, and operational readiness while also participating in project planning activities such as infrastructure enhancements and change management controls.
Requirements:
Responsible for day-to-day cyber security operations management and cyber intelligence monitoring and threat analysis.
Manage threat hunting and security monitoring staff and activities.
Coordinate response, triage and escalation of security events affecting the company's information assets and activities with the Incident Response team.
Oversee and assist with the development of operational runbooks to improve the efficiency of the cyber security team's detection and response capabilities.
Facilitate the creation of reports, dashboards and metrics for cyber security operations and their presentation to senior management.
Coordinate with stakeholders, and build and maintain positive working relationships between the various service towers of the business and customers.
Provide leadership and support during high severity security incidents and investigations.
Optimize the processes to respond to and investigate detected attacks.
Perform all aspects of employee development, working to ensure employee growth and retention.
Mentor and train new personnel.
Develop and maintain employee development plans.
Develop and assess KPIs for each team member.
Responsible for ensuring spending is within budget allocation.
Lead the development and implementation of a SOC that monitors security events for anomalies and detects security incidents.
Guide the incident response and disaster recovery team in development, testing and maintenance of incident response plans.
Design, coordinate, and oversee monitoring capabilities to verify the security of systems, networks, databases, user behaviour, file integrity, and cloud environments, and manage the remediation of identified risks and vulnerabilities.
Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements.
Act as the most senior incident escalation point for the team. This position will ensure steady state operations are optimally configured and running 24/7/365.
Utilize key performance indicators to track analyst workloads as well as the efficiency of detection signatures/rules and associated monitoring technologies.
Identify potential process improvement projects and serve as a change agent through IT.
Support the design and implementation of procedures and controls necessary to ensure and protect the safety and security of all information systems assets, including prevention of intentional or inadvertent access, modification, disclosure, or destruction.
Provide subject matter expertise and counsel to management regarding vendors, technologies, and special projects.
Support the preparation of appropriate reports and communicate status and results.
Qualifications & Education Requirements:
Grade 12 with Maths & Science (Required)
BSc / BTech / Comps or equivalent IT Security Diploma
Additionally, one certification from the following information security domains:
CISSP
GCIH
GSEC
CEH
Experience Required:
Minimum of six (6) years of work experience and three (3) years of relevant management experience in a Security Operations Center [SOC].
Strong analytical and organizational skills.
Concise writing skills, excellent MS Word skills as well as other MS Office Applications.
Experience with securing various environments preferred.
Experience in working across security technologies.
Managed security services experience across complex architectures.
In-depth understanding of the role of SIEM engineering tools and dashboards.
In-depth understanding of incident response, containment and management.
Prior experience advising on, planning, deploying, configuring, managing or monitoring large-scale SIEM solutions.
Ability to communicate effectively with all levels, influence, persuade and be credible internally and externally.
Must work well under pressure and changing priorities.
Demonstrated ability to plan, prioritize, coordinate and manage multiple, and often conflicting, initiatives.
Able to establish trust and build ongoing client relationships.
Ability to translate and clearly formulate technical issues in business terms.
Good interpersonal skills.
Analytical and problem-solving skills.
Possess a strong work ethic and sense of urgency.
Team player.
Self-starter.
Outcomes driven yet risk aware.
Knowledge, Skills and Characteristics Required:
Knowledge of overall ICT solutions, in particular cloud and data security architectures
Skilled at managing and resolving issues related to the technologies and working with operational security teams
Skilled at working with both ICT and security teams
Being able to demonstrate technical capability and convey this knowledge
Being able to create customer enthusiasm, articulating the technical scenario where needed
Deliver thought leadership
Analytical skills
Interpersonal skills
Strong verbal, written and communication skills
Persuasive
Relationship building and management
Internal and external stakeholder management
Pro-active and innovative
Attention to detail
Work under pressure
Organised
Eagerness and willingness to learn
Self-motivated
Disciplined
Innovative
Results driven