About the Job:
The Cybersecurity Operations Lead’s main role is to ensure the strength of our organization's cybersecurity posture. In this position, you will be responsible for monitoring, analyzing, and responding to security incidents and threats within the organization’s IT environment. Your collaboration with cross-functional teams will be essential to protect our critical systems, applications, and data through advanced cybersecurity tools and techniques.
As a key player in identifying vulnerabilities, you will implement proactive security measures and drive continuous improvements in security operations. This role entails creating and maintaining incident response plans, conducting security assessments, and keeping updated on emerging cybersecurity threats and best practices.
Accountabilities:
- Monitor and respond to cybersecurity incidents and alerts, identifying potential threats, vulnerabilities, and weaknesses in the IT infrastructure.
- Lead the development, implementation, and management of the organization’s Security Operations Center (SOC) processes and procedures.
- Utilize security tools (e.g., SIEM, IDS/IPS, endpoint protection) for real-time detection and investigation of security incidents and breaches.
- Conduct root cause analysis for security incidents and implement corrective actions to mitigate future risks.
- Collaborate with IT, network, and development teams to integrate security practices into the IT lifecycle.
- Develop and maintain incident response plans and playbooks for effective security incident responses.
- Perform vulnerability assessments, penetration tests, and security audits to identify weaknesses.
- Stay informed of emerging threats, trends, and technologies to adapt security operations to evolving risks.
- Ensure compliance with industry regulations, internal policies, and best practices related to cybersecurity.
- Provide training and awareness programs to foster a security-first culture across the organization.
- Create and maintain security metrics, reporting on the effectiveness of security operations.
Education & Experience:
- Bachelor’s degree in Computer Science, Information Security, Information Technology, or a related field. A Master's degree or relevant certifications are a plus.
- Minimum of 8 years of experience in cybersecurity operations, focusing on incident detection, response, and mitigation.
- Experience in a Security Operations Center (SOC) environment, with hands-on experience using security tools such as SIEM, IDS/IPS, and endpoint protection software.
- Proven expertise in managing cybersecurity incidents, including incident response, forensics, and recovery.
- Strong knowledge of network security, firewalls, VPNs, endpoint protection, and cloud security.
- Familiarity with regulatory frameworks and compliance standards (e.g., GDPR, HIPAA, NIST, ISO 27001 & NESA).
- Knowledge of scripting or automation for security operations (e.g., Python, PowerShell, Bash) is a plus.
Language Requirements:
- Proficient in English (additional languages may be a plus, though not specified).
Work Conditions:
On-site
Location:
Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates
