
Lead, Cyber Security Engineer - UAE National

TAQA Group
Abu Dhabi, UAE
fulltime
Mid-Senior
1 month ago
Network Security, Firewall Configuration, SIEM (Security Information and Event Management), Intrusion Detection/Prevention Systems (IDS/IPS), Vulnerability Assessment, Penetration Testing

Full Job Posting

Job Summary

To configure, manage, operate, and administer the Security Information and Event Management/Security Orchestration, Automation, and Response (SIEM/SOAR) management solution.

This role serves as the point of contact for critical and complex issues, performs configuration and testing of products, and develops and documents work processes to enhance TAQA's security posture through the effective administration of platforms.

General Responsibilities

  • **Policy, Procedures, Process and Systems**
  • Ensure the compliance of organization's policy, systems, processes, procedures, and controls in line with group delegation of authority policy so that all relevant procedural/ legislative requirements are fulfilled while consistently delivering quality and cost-effective service.
  • **Reporting**
  • Ensure that all reports are completed in a timely manner and comply with HQ and business policies and standards.
  • Provide support in the preparation of periodical management reports and progress reports to keep the business senior management informed about the progress of various initiatives and to facilitate decision-making.
  • Comply with organization requirements in a timely manner.

Job Specific Responsibilities

  • Lead the design and integration of Security Information and Event Management/ Security Orchestration, Automation and Response (SIEM/ SOAR) systems with existing security tools, systems, and platforms to ensure seamless operation and maximum efficiency.
  • Customize and optimize SIEM/ SOAR solutions to improve threat detection, incident response, and overall security operations.
  • Manage configuration of systems to detect, monitor and respond to threat incidents in the watchlists and create rules within the systems to meet compliance and audit requirements.
  • Perform technical account management duties by assessing unique requirements, addressing their concerns, and ensuring the SIEM/ SOAR system meets their specific needs.
  • Administer user accounts within the SIEM/SOAR system, including creating, deleting, and modifying accounts as required; oversee log source alterations, troubleshoot issues with log sources or systems, and promptly report any system defects that require attention.
  • Conduct formal health checks and administrative password changes, track the performance of SIEM/SOAR platforms to identify critical issues, and perform formal architectural reviews to evaluate the system's design and make recommendations for enhancements or optimizations.
  • Facilitate creation of custom rules or modify existing rules within the SIEM/ SOAR system to address specific security requirements and improve detection and response capabilities.
  • Manage product enhancement and feature requests with vendors to improve the functionality and capabilities of the SIEM/ SOAR system and perform software upgrades, updates, and patches to ensure the system is up to date with the latest security features and fixes.
  • Develop customized Watchlists based on client requirements, ensuring that the SIEM system effectively monitors and alerts on specific events and activities.
  • Implement testing and configuration of new products and technologies and evaluate their compatibility, functionality, and effectiveness in enhancing security operations.
  • Manage and continually develop the artificial intelligence platform and its connectivity to the SIEM/SOAR.
  • Support the design and documentation of work processes by defining standard operating procedures, workflows, and guidelines with Security Operations Center (SOC) to ensure efficient and effective security operations.
  • Develop, prepare, and customize reports to deliver tailored insights and in-depth analysis, ensuring the provision of valuable and actionable information.
  • Ensure compliance with global laws and regulations pertaining to data transfer and data centralization, by implementing and maintaining robust security measures within the SIEM/ SOAR system.
  • Formulate and implement automation initiatives to facilitate effective execution of operational changes and reduce downtime.
  • Attend vendor-specific meetings and conferences to stay updated on the latest industry trends, technologies, and best practices to contribute to the continuous improvement of the SIEM/ SOAR systems.
  • *These responsibilities are representative, and the role holder is also responsible for any other job assigned by the superior authorities from time to time.*

Essential Requirements

  • Bachelor’s degree in Information Technology, Information Security/Assurance, Engineering or equivalent
  • 6 years of experience in security operations or similar role

Preferred Requirements

  • Master’s degree in Information Technology, Information Security/Assurance, Engineering or equivalent
  • 6+ years of experience in security operations or similar role
  • Certification in CISSP/CySA/CSAP/Networking Security/Security tools/SAN/GIAC/GICSP
