Solution Operations Manager

Job Description
The SOC Operations Manager is responsible for leading a 24×7 team of security experts, The SOC Operations Manager will help deliver the traditional SOC operations using automation, orchestration and analytics.
Responsibilities include but are not limited to the oversight of day-to-day operations for the Next Generation delivery team, maturing processes and driving new innovations. The manager will also be responsible for maintaining mature service delivery methodologies for their practice areas. The SOC manager for NGSOC is a high visibility role and requires a strong technical leader with outstanding customer service skills capable of planning and executing to meet core objectives.
• Deliver quality security outcomes
• Drive efficient and timely operations
• Actualize continual improvement and innovation
• Protect the customer
**Education and Experience Requirements
• Examine network topologies to understand data flows through the network.
• Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
• Monitor external data sources (e.g.Threat Intelligent sources, etc.) to maintain currency of threat condition and determine which security issues may have an impact on the organization services and information’s.
• Use SOC tools for continual monitoring and analysis of system activity to identify malicious activity.
• Perform automated responses using SOAR platform
• Continuously identify use cases that can be automated using SOAR platform work with SOC Engineer to develop playbooks for automation
• Provide timely detection, identification, and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities.
• Strong ability to identify needs & driving solutions, and providing guidance, in an autonomous manner
• Deep understanding of large, complex corporate network environments
• experience in penetration testing, ethical hacking, exploit writing, and/or vulnerability management
• Recent experience with malware analysis and reverse engineering
• Minimum of 6 years control systems security background with relevant previous experience in a technical or consulting environment.
• Experience with ICS systems and ICS security industry practices with exposure to Operational technologies
• Minimum 6 years with supporting PLC, DCS, SIS, HMI or SCADA systems. Experience supporting and troubleshooting industrial protocols such as OPC, Modbus TCP, HART, Foundation Fieldbus
• Experience deploying or supporting security practices and technologies such as risk or vulnerability assessments, antivirus software, firewalls, intrusion detection systems, centralized alert logging and monitoring in ICS environments (energy companies or large manufacturing organizations)
• Work with Manufacturing Sites, Engineering and IT teams to analyse existing OT architecture
• Communicates directly with OT vendors, asset owners, and business response plan owners during high severity incidents
• Analyse, define and implement new structures for existing OT Firewall VLAN’s to ensure they align to defined internal segmentation principles
• Develop & implement reference architectures for standard services and applications within the OT environment
• Lead the project teams consisting of other security architects and security analysts
• Support for business development activities, including methodology development, proposal writing, and direct support for presentation to potential clients
• Capability to develop professional documents in the form reports, analysis, methodologies in the English language,
• Knowledge of Cybersecurity risks associated with vulnerability testing, patch management, and secure configuration management.
• Experience with Vulnerability Response and action solution.
• Ability to work with and influence developers, development managers, project managers, technology peers, and business contacts are required.
• Lead 24×7 delivery team, drive accountability within SOC engineering.
• leader in security engineering and operations delivery – driving automation, analytics, and advanced threat analysis.
• Oversee technical delivery, assessing and continually improving output and ensuring processes are developed and adhered to in order to drive operational excellence.
• Provide administrative direction and support for daily operational activities
• Analyze, report on, and make recommendations for the improvement and growth of the Next Generation infrastructure and systems.
• Manage the deployment, monitoring, maintenance, development, upgrade, and support of all Client managed systems, operating systems, hardware, and software.
• Develop and maintain an educational environment where the knowledge and performance of the group is constantly advancing.
• Develop and mentor staff through open communication, training and development opportunities, and performance management processes; build and maintain employee morale and motivation.
**Technician Skills and Qualifications:
• Excellent analytical and problem-solving skills.
• Ability to successfully interface with clients and manage expectations
• strong influencing, negotiation skills.
• Good communication skills and presentation skills.
• Ability to document and explain technical details in a clear and concise manner.
• Ability to adjust to multiple demands, changing priorities, ambiguity, and rapid change, while multitasking effectively.
• Demonstrated understanding of Information Security and Networking required.
• Demonstrated technical knowledge of current network security, network hardware, protocols, and standards required.
• Proven ability to diagnose and troubleshoot technical issues required
• Proven ability to make decisions and perform complex problem-solving activities under pressure.
• Previous management and project leadership experience required.
• Minimum 5 years Security leadership, with experience building long-term career development plans for team members at all levels.
• Experience in designing, implementing and measuring relevant security and technology management critical success factors, key performance indicators, and metrics.
• Ability to create shift schedules to ensure 24×7 coverage by support personnel
• In-depth knowledge of modern security concepts and how to apply them.
• Experience in managing and maintaining relationships with customersللتقدم على الوظيفة