Security Operations Centre Director

  • Competitive Salary
  • Muscat, Masqat, Oman
  • Permanent, Full time
  • EY
  • 25 Sep 16

Security Operations Centre Director

~~

EY is seeking a world leading Security Operations Center (SOC) Manager to join a unique and much sought after global team and network of SOCs.  The position will be awarded to a passionate and driven individual who wants to join an elite team to make a real difference in protecting some of the world’s leading organizations from the active cyber threat landscape.

The SOC manager will be responsible (along with the EY Cyber executive committee) to bring vision, innovation and execution to  EY SOC through a series of ongoing initiatives.  They will be expected to present to senior client executives at the SOC and help promote  leading edge services.  In addition, bring excellent collaboration skills  to form a strong network of global SOCs and their respective management.

The SOC Manager will be responsible for the management of  day-to-day, 24 hours round the clock and 7 days a week operations of the SOC. Responsibilities include to manage, mentor, and lead a team of SOC analysts providing cyber security monitoring services to various clients, responsible for continually improving customer experience, coach and develop the staff, achieve and exceed the quality metrics in a timely manner.

Responsibilities:

 

•Lead and manage SOC Team leaders and staff in the SOC


•Evaluate and monitor overall SOC effectiveness


•Oversee , event and incident management activities and access provisioning


•Supervise and monitor incident response activities and preparedness for SOC staff; participate and contribute to enterprise security breach response activities


•Collaborate with the Cyber Security Leadership to develop and update Security Operations standards, procedures, guidelines, and leverage best practices


•Oversee and manage Capital and Operations budget


•Monitor various sources of breaking security news and lead the Security Operations Team’s response to new threats and vulnerabilities as appropriate. Including, but not limited to, developing new attack signatures, identifying new indicators of compromise, communicating updated methods and tactics to the Security Operations Team and drafting client communications


•Actively participate in hiring of new team members, adheres to policies and procedures, and create motivational strategies to drive quality performance


•Identify opportunities to grow and improve SOC services, providing detailed recommendations for service enhancements, new services, and  products, as appropriate


•Generate new business opportunities by participating in market facing activities, executive briefings and developing thought leadership materials


•Strong collaboration with EY senior executives, other key stakeholders and importantly other EY SOC Managers to co-establish, promote and drive a Cyber SOC ecosystem


 

 


To qualify, candidates must have:

 


•Excellent team work capability, passion and drive to succeed and combat Cyber threats


•Managerial capabilities and experience to motivate a diverse group of individuals, strong interpersonal skills to foster a team environment, and the ability to create and implement action plans


•Previous supervisory experience in leading a SOC monitoring/response team


•Excellent analytical and problem solving skills


•Expert understanding of common cybersecurity attack vectors, threats, vulnerabilities, and countermeasures


•Experience performing security analysis utilizing SIEM technologies and Threat Intelligence


•Ability to build, lead, manage and motivate teams in a dynamic, mission-critical operations environment


•Expert understanding of computer networking, systems administration, and vulnerability management


•Manage customer relationships through resolving problems and following up on the status of projects


•Expert in Cyber Incident Response


•Awareness and knowledge of Big data analytics, dashboards, eGRC and behavioral analysis tools


•Awareness and knowledge Cyber OT and IoT issues


•Awareness and knowledge Attack & Penetration Testing / Ethical Hacking


•Awareness and knowledge Application Security Risk Assessment


Qualifications & Experience:

 

•Bachelor Degree in related discipline and 10+ years of experience in related field


•5+ years of experience in leading Security Operations and controls strongly preferred


•5 years of relevant technical and business experience required


•Leadership experience in managing cross-functional teams and influencing senior level management and key stakeholders


•Ability to be visionary, strategic, and tactical


•Knowledge of current and emerging security standards, privacy regulations and security requirements


•Ability to explain business principles of secure system designs in terms of business risk


•In depth Desktop OS and Server OS knowledge


•Strong networking and application knowledge


•Strong analytical and problem solving skills


•Network monitoring technology platforms such as Fidelis XPS, RSA or others


•End point protection tools, techniques and platforms such as CarbonBlack, Symantec, McAfee or others


•Internationally recognized technical certifications in relevant areas


•Hands-on experience with TCP/IP, security concepts, WAN and LAN concepts, Routing Protocols, Firewall Security policies


•Hands-on experience with  industry leading security vendor platforms, including products such as Juniper security devices, ASA, Snort, Cisco IDS, Websense, NetForensics, etc


•Hands-on experience with industry leading network management platforms


•Practical experience on customer service processes and solving issues


•Experience in VPN technology, PKI, AAA, and IDS concepts


•Understanding of the principles of best practice security as embodied in ISO27001


 

 

Who we are

 

Risk management protects business performance and contributes to sustainability in results. It's about achieving a clear understanding of risks and developing plans to manage them. As part of our team of risk professionals, you'll work with multinational businesses and public sector organizations to develop an integrated, holistic approach to risk and control. You'll help them benefit from their investments in internal controls and have greater confidence they can respond to whatever the future may hold. You'll be engaged in delivering some of the most significant and class-leading internal audit and risk engagements globally. As part of our market-leading global network of risk professionals, you'll gain the valuable experience you need to become a successful risk advisor. You'll also team with our performance improvement professionals in multidisciplinary engagements with major global clients, helping them transform and sustain their business performance. At Ernst & Young, we recognize that it's the perspectives, skills and enthusiasm you bring to our clients that makes the difference.