Job description
Key Responsibilities
1. Security Operations & Incident Management
- Oversee and strengthen the Security Operations Center (SOC) for monitoring, detection, and incident response.
- Manage and optimize SIEM, EDR, IDS/IPS, and other security tools to improve threat detection and response.
- Direct incident response activities, including investigation, containment, eradication, and recovery.
- Conduct post-incident reviews and implement measures to prevent future occurrences.
2. Vulnerability & Threat Management
- Coordinate vulnerability assessments, penetration testing, and remediation efforts.
- Monitor emerging threats and implement proactive security measures.
- Collaborate with IT and engineering teams to patch vulnerabilities and harden systems.
3. Security Compliance & Risk Management
- Ensure compliance with industry standards and regulations (PCI DSS, MAS TRM, GDPR, etc.).
- Support audits, risk assessments, and regulatory reviews.
- Maintain and update security policies, procedures, and documentation.
4. Security Awareness & Collaboration
- Develop and deliver security training and awareness programs for employees.
- Work with DevOps and engineering teams to integrate security into CI/CD pipelines.
- Liaise with external partners, vendors, and law enforcement on security-related matters.
Job Requirements
- Bachelor's degree in Cybersecurity, Computer Science, or a related field.
- 5+ years of experience in information security, including 2+ years in a security operations management role.
- Hands-on experience with SIEM (e.g., Splunk, Azure Sentinel), EDR, firewalls, and cloud security (AWS/Azure/GCP).
- Strong knowledge of threat intelligence, malware analysis, and forensic tools.
- Familiarity with PCI DSS, MAS TRM, and other financial sector regulations.
- Excellent leadership, communication, and problem-solving skills.
