AVP- Security Incident Management (UAE National)

Overview

• The AVP, Security Incident Management will lead the incident response team within the Cyber Defense Center, ensuring timely and effective handling of security incidents.
• This/her role involves coordinating with various stakeholders, managing incident response processes, investigation, analysis, containment, recovery, communication, and reporting.
• Also continuously improving the organization’s incident management capabilities and meeting the compliance requirements.
• The Incident Manager plays a vital role in safeguarding the organization’s digital assets and maintaining its cybersecurity posture
• Alignment with Business Priorities: Ensure alignment with organizational goals and objectives
• Ownership and Accountability: Incident Manager takes full responsibility for the activities and the department’s, holding self and the team accountable for their outcomes.
• Driving Incident Response Maturity Enhancement: Proactively drives initiatives that enhance incident response and resilient cyber posture.
• Focus on Outputs and Impact: Focus on delivering outputs that create meaningful impact such as enhanced security culture and protection posture of the bank.
• Innovation and Automation: Continuously seek innovative solutions and automated processes for efficiency.
• Continuous Learning and Improvement: Committed to learning from experiences and continuously improving relevant processes and outcomes.
• Incident Analysis: Quickly analyzing incidents to understand their root causes is essential. This involves gathering data, identifying patterns, and determining the impact on systems and users.
• Critical Thinking: The ability to think critically and evaluate situations from multiple angles helps in devising effective solutions under pressure.
• Technical Knowledge: A strong technical background allows you to understand the systems and technologies involved, which is crucial for diagnosing issues and coordinating with technical teams.
• 12+ years of rich experience in information security domain and at least 6-8 years of dedicated experience in Security Incident Response.
• Hands on experience in implementing and operationalizing SIEM/SOAR tools such as Sentinel, ArcSight etc.
• Experience in defining and reporting KPIs for Security Incident response.
• Familiarity with advanced SOC monitoring technologies, risk, threat and security measures.
• Knowledge across the SOC domains including governance, control frameworks, policies, compliance management, risk management and incident response etc.
• Comprehensive knowledge of regulatory and compliance requirements and how they influence the bank's Information Security strategy.
• Preferably worked in BFSI domain with proven experience in SOC function.
• Strong understanding of key security standards and regulations such as NIST 800-61, CERT/CC, PCI, ISO 27035 etc.
• Deep understanding of Security Incident response frameworks and their application in creating robust policies.
• Automate potential resilient security processes to ensure continuous compliance with security best practices.
• Maintaining up-to-date knowledge of security trends, threats, and countermeasures
• Assess and design security posture determination processes, tools and methodologies
• Reviewing and approving use cases/playbooks for SIEM/SOAR tools
• Continuously monitor security hygiene and performance using tools and processes
• Collaborate with other IS teams, Ops and tech teams on enhancing security incident response resilience