Senior Manager - Cyber Defense & Response

The role is responsible for overseeing cyber monitoring and response activities, managing major incidents, and coordinating emergency response efforts that necessitate thorough investigation. This role involves analysing and responding to cyber-attacks and data breaches, as well as conducting internal investigations to identify vulnerabilities. He/she proactively identifies emerging threats and ongoing attacks, establishing thresholds and managing event sources to enhance incident detection. They define processes, configure tools, and correlate data to improve event tracking and incident response effectiveness. By fostering awareness and collaboration across the organization, this role plays a crucial part in strengthening the bank's overall cybersecurity posture and resilience against cyber threats.

Responsibilities

• Define minimum guidelines for detecting, tracking, and escalating security events, ensuring effective response protocols are in place.
• Establish criteria for security events and define thresholds to enhance incident detection capabilities.
• Oversee 24x7 Security Operations Center (SOC) activities to monitor for cyber threats using SIEM, EDR, NDR, and threat intelligence platforms.
• Direct incident response efforts, conduct root cause analysis, and lead digital forensics investigations.
• Coordinate containment, eradication, and recovery activities for cyber incidents.
• Lead proactive threat hunting based on hypotheses and indicators of compromise (IOCs).
• Mentor and train staff, enforce shift discipline, and ensure readiness of the team.
• Brief executive leadership and external stakeholders, including regulators (e.g., SAMA, NCA), during and after incidents.
• Develop and maintain a cyber incident response program, playbooks, and workflows.

Required Skills

• A tertiary-level qualification from an internationally recognized institution.
• Industry-recognized certifications (e.g., eCIR, C|HE, GCIH, eCMAP, GCFA, or GNFA).
• 5 - 7 years of equivalent experience in Cyber Security.
• Knowledge of security principles, techniques, and technologies.
• Expert in Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response.
• Skills in Incident Response Planning and Security Information and Event Management.
• Strong behavioral competencies including Value-Led Accountability, Collaborative Agility, and Trust & Transparency.

Summary
The role is responsible for maintaining the bank's cybersecurity posture, responding to incidents, and fostering a collaborative security culture within the organization. Key duties include managing the Security Operations Center and conducting thorough investigations of cyber events.