Cybersecurity and Cyber Defense Center

Senior Manager - Cybersecurity and Cyber Defense Center
Department

Information Security Group (ISG)
Direct SupervisorVP - Cybersecurity and Cyber Defense Center Job Number Job Purpose

To develop, manage, and execute cyber security project across Mashreq to –

· Lead and oversee the strategic operations of the Cyber Defense Center (CDC) to ensure effective monitoring, detection, analysis, and response to advanced cybersecurity threats.

· Develop and implement security strategies, policies, and procedures to manage and mitigate risks across the organization.

· Guide and mentor the team in using SIEM platforms (Azure Sentinel ArcSight preferred) and other security solutions to address complex and critical security events.

· Coordinate with senior leadership and external stakeholders to enhance the organization's security posture and ensure compliance with regulatory requirements.

Dimensions

Number of Staff

-

Others

India
Key Result Areas
• Strategic Security Management:
• Develop and implement strategies for monitoring and responding to security events from SIEM systems (Azure Sentinel ArcSight preferred).
• Analyze and respond to security events from diverse data sources such as firewalls, IDS/IPS, antivirus solutions, DAM systems, web servers, proxies, and banking applications.
• Advanced Threat and Incident Management:
• Create and refine alert rules and logic in SIEM to detect significant events and threats.
• Perform precise, real-time analysis and correlation of logs/alerts from multiple sources.
• Utilize established policies, standards, and procedures to classify security alerts as incidents and guide incident response efforts.
• Leadership and Improvement:
• Improve incident response times and reduce false positives by refining detection capabilities and processes.
• Assist in the design, implementation, and execution of security awareness programs and risk-based security controls analysis.
• Update and enhance processes and policies (SOPs, playbooks, runbooks) with a deep understanding of cybersecurity best practices.
• Cross-Functional Collaboration:
• Collaborate with compliance, audit, and regulatory teams to provide necessary information, data, and evidence.
• Keep up-to-date with industry knowledge and trends to maintain a high level of security proficiency.

Key Principles
• Strategic Leadership:
• Provide strategic direction and leadership to the Cyber Defense Center, ensuring alignment with organizational goals and cybersecurity best practices.
• Enhanced Threat Detection and Response:
• Drive improvements in threat detection and response capabilities, ensuring accurate identification and swift remediation of security incidents.
• Continuous Process Improvement:
• Continuously evaluate and enhance security processes and policies to adapt to evolving threats and improve operational efficiency.
• Effective Communication and Collaboration:
• Maintain strong communication with internal teams, senior management, and external stakeholders to ensure effective security management and compliance.
• Ethical and Professional Standards:
• Uphold high ethical standards in all security practices, ensuring compliance with regulations and protecting sensitive information.

Operating Environment, Framework and Boundaries, Working Relationships

· Information Security / Cyber Security Regulations and Industry best practices.

· HO (Head Office) and International Regulators and Supervisors across the bank is operating.

· All business units including LOD 1-3 including LOD1 – Business, Tech GRC, Technology, LOD-2 Group Compliance, Fraud Prevention, Risk Management and LOD-3 Internal Audit.

Problem Solving
• Proactive and Strategic Problem Solving:
• Lead proactive monitoring and root cause analysis of security incidents to address underlying issues effectively.
• Provide strategic guidance during incident response activities for complex security incidents.
• Log Source Management and Optimization:
• Oversee the onboarding and integration of new log sources, optimizing data accuracy and enhancing threat detection capabilities.

Decision Making Authority Responsibility

· Evaluation and Innovation:

o Lead evaluations and Proof of Concept (PoC) for new security solutions and technologies, driving innovation in security practices.

· Security Metrics and Architecture:

o Monitor and analyze key security metrics to ensure alignment with security standards and contribute to the development of Security Reference Architecture.

· Policy and Strategy Development:

o Guide the creation and refinement of security policies, including scope and control decisions, ensuring alignment with organizational and regulatory requirements.

· High-Level Collaboration:

o Collaborate with senior management, vendor personnel, and other teams to achieve security objectives with minimal supervision.

Knowledge, Skills, and Experience
• Educational Background:
• Graduate/Postgraduate degree in Science, Engineering, or IT.
• Certifications:
• Minimum of 2 professional certifications from CISSP, CISM, CRISC, CISA, or equivalent.
• Experience:
• Extensive experience in SIEM design and implementation, with a strong background in Cyber Defense Center or Security Operations Center roles.
• Over 12 years of experience in SOC CDC, with proven leadership skills and expertise in managing complex security operations.
• Skills:
• Proficiency in managing SIEM policies and enhancing security operations.
• Strong analytical skills for evaluating security requirements and implementing appropriate controls.
• Excellent documentation and report writing skills.
• Knowledge of the banking environment is advantageous Read more