Job Details
Experience Needed:
Career Level:
Education Level:
Salary:
Job Categories:
Skills And Tools:
Job Description
Reporting into SOC Lead, the role will be responsible for:
- Auditing the third party outsourced Security Operations Centre (SOC) supplier, including understanding and tuning SOC use cases, managing alerts and incidents, coordinating with system owners to ensure full coverage of appropriate logs are collected, retained and contextualized.
- Coordinate with Group Information Security teams to ensure systems, processes and security tools are operating as required and provide the greatest risk mitigating benefit.
This particular role will also be required to support:
- Lead the development of a new Group SOC function, processes, procedures, playbooks and working practices to ensure 24/7 coverage of security alerts are managed and responded to within defined SLAs.
Responsibilities:
- Manage delivery of the third party supplied outsourced Security Operations Centre (SOC) capability as well as the in-house resources to triage and manage alerts and tickets.
- Support the SOC Lead to manage the Security Incident response team, coordinating and driving the Incident recovery activities with internal and external parties.
- Identify and report any deviations in the defined SOC processes, with continuous improvements.
- Suggest new technologies and tactical process that helps to optimize or improve the SOC operations.
- Work with the vendor to integrate Threat Intelligence from our outsourced providers to better tune and inform our defense in depth.
- Conduct monthly and quarterly reviews of the performance of the service working with the Group CISO to explain and highlight risk issues, positive examples and illustrative data points to the EXCO and BRTC.
- Develop, track and report KPIs and KRIs for the SOC and report risk posture as directed by Group CISO
- Represent information security during IT Incident Management calls and meetings, post incident reviews and support the ongoing refinement of Cyber Crisis Management plans
- Coordinate red team testing for all locations across Network International Group on behalf of the Group CISO
- Coordinate with Information Security teams to ensure that new tooling is integrated into a holistic Security operations Strategy, new projects have their IT assets onboarded to be monitored and change management teams are aware of the SOC requirements.
- Periodically review asset sheets to make sure all critical assets are sending logs to SIEM solution.
- Review information security exceptions and highlight risks associated with the exception to relevant audience to make sound risk-based decision following NI risk management frameworks.
- Manage the delivery of information security projects related to SOC to meet the NI information security strategies and goals.
- Execute other tasks as required by Head of Information Security Africa and Group
Job Requirements
- 3 to 5 years of experience in managing Security Operations Centre reporting and alerting in a large technology complex leading banking, financial, payment service provider institutions
- Strong hands-on experience in managing and maintaining SOC processes and procedures including but not limited to tools such as QRadar and Microsoft Sentinel
- Bachelors preferably IT discipline. Post graduate degree will be an added advantage.
- Certifications such GCIH, GCIA, eCIR, eCDFP, eCMAP, CISA, CISM, CISSP.
- Excellent verbal and written English communication skills. Must be able to present and articulate complex information security risks to technical and non-technical audiences in simple manner.
