Team Leader - Security Operations Centre - UAE Nationals Only

JOB PURPOSE

• To oversee the Security Operations Centre, handling escalations, forensic investigation and perform critical/ complex analysis of real time and historic events to ensure appropriate identification, response and reporting upon detection of events of interest and security events are managed proficiently to closure while adhering to all the required standards and requirements

ACCOUNTABILITIES

Security Operations Centre

• Oversee the day-to-day operational security monitoring, forensic analysis, incident response, data leakage monitoring, SIEM, phishing attacks and security operations support in order to continuously protect of the information systems and IT infrastructure

• Ensure the proper collection, analysis and reporting of forensic analysis data and provide recommendations for improvement, in order to ensure the required policies and processes are adhered to

SIRT Participation

• Work with the SOC manager on any investigations concerning security incidents, breaches to the bank’s data, network, applications, databases or other systems and support the ongoing activities of the SIRT Committee in order to take precautionary measures to protect ADCB information assets

Risk Mitigation

• Support the on-going assessment and measurement of information risk objectively and consistently in order to ensure adherence to required standards

Technology Security

• Oversee and conduct critical/ complex periodic vulnerability assessments, internal and external penetration tests, infrastructure baselines compliance tests, pre-production review of applications/technical systems in order to ensure that all security requirements/ standards are incorporated

• Research patch updates for technology and evaluate information security notices issued by information systems vendors, CERT and makes recommendations to the IT Department technical staff to take precautionary measures to protect ADCB information assets

Reporting

• Collate risk status and related information periodically in order to generate KRI/KPI reports as required

People Management

• Manage self and team in line with ADCB’s people management policies, procedures, processes and practices to ensure adherence and to maximise own and employee contribution to business performance

• Organise and supervise the activities and work of the team to ensure that targets and objectives are achieved and the business plan is delivered in line with the required policies, processes, procedures and systems

Policies, Processes, Systems and Procedures

• Implement approved departmental policies, processes and procedures, and ensure employee adherence so that work is carried out to the required standard while delivering the required standards of service to customers and stakeholders

Continuous Improvement

• Manage and motivate the team to ensure they contribute to, and participate in, the identification and implementation of change initiatives, programmes and projects in line with the bank’s standards

Customer Service

• Demonstrate Our Promise and apply the ADCB Service Standards to deliver the bank’s required levels of service in all internal and external customer interactions

EXPERIENCE, QUALIFICATIONS & COMPETENCIES

Minimum Experience

• At least 8 years of experience in a banking industry or similar environment, e.g. a demanding service industry where employees are able to work under pressure

Minimum Qualifications

• Bachelor’s Degree in Computer Science or equivalent, e.g. diploma (mandatory)

Professional Qualifications

• Professional Certifications such as CISSP/ GCIH/CHFI

Knowledge and Skills

• Knowledge of IT/IS security encompassing various aspects of cyber intrusion threats including activity, methodologies and techniques, firm understanding of Computer Network Defense and Information Assurance

• Expertise and knowledge of security devices, network components

• Skills; unauthorised access, cyber espionage, data theft/leakage, mobile device/remote attack, insiders, phishing, application database or system compromise, anti-virus, malware and botnets, session hijacking, malicious code delivery techniques, social engineering, network and system reconnaissance

• Understanding of methods used to mitigate control or monitor such exploitation, attack and intrusion techniques

• Attack and penetration understanding in testing of Internet infrastructure and Web-based applications utilising manual and automated tools

• Understanding of the vulnerabilities in operating systems, databases and major applications and must possess the technical knowledge necessary to mitigate these vulnerabilities

• Knowledge of event monitoring and analysis of events presented on a Security Information Management/Event Management System (SIM/SEM)

• Sound knowledge of information security, data classification and industry standard frameworks such as ISO 27001, PCI-DSS, etc., preferably gained in the Financial Services sector

• Experience in performing complex log analysis and troubleshooting quickly and effectively in time sensitive situations