ACWA Power

SECURITY OPERATIONS CENTER (SOC) Manager

8-10 Years
  • Posted 8 hours ago

Job Description

The SOC Manager is responsible for the strategic and operational oversight of the Security Operations Center (SOC), which manages security across both Information Technology (IT) and Operational Technology (OT) domains. This key leadership role is designed to enhance the organization's ability to monitor, detect, investigate, and respond to security threats and vulnerabilities in all technological environments. The SOC Manager ensures a comprehensive and integrated security strategy, safeguarding the organization's digital and physical infrastructure. In addition to driving the SOC's capabilities, the manager leads a team of analysts and engineers, fostering a proactive defense posture and continuously improving the organization's security operations across IT and OT landscapes.

KEY ACCOUNTABILITIES:

Team Leadership & Development:

  • Lead, mentor, and develop a team of SOC analysts and engineers specializing in both Information Technology (IT) and Operational Technology (OT) environments.
  • Conduct regular performance reviews, provide feedback, and facilitate continuous professional development to ensure the team remains up to date with the latest security trends and technologies.

SOC Operations Management:

  • Manage the day-to-day operations of the SOC for both IT and OT systems, ensuring effective monitoring, detection, and response to potential security threats and incidents.
  • Oversee the deployment, maintenance, and tuning of security tools, including firewalls, intrusion detection systems, and host-based security solutions, tailored to the needs of both IT and OT environments.

Threat Detection & Response:

  • Monitor IT and OT networks to detect and investigate potential security breaches using advanced detection systems and tools.
  • Conduct threat detection across IT and OT systems, ensuring protection against a wide range of threats from various sources, including insider threats, external attacks, and supply chain vulnerabilities.
  • Deploy and manage detection systems that identify threats specific to IT and OT environments and associated services.
  • Correlate activity across IT and OT assets and environments to identify anomalous patterns and potential security incidents.

Incident Management & Reporting:

  • Review security alerts and data from IT and OT sensors, ensuring timely and thorough investigation of all potential incidents.
  • Document formal, technical incident reports following investigations, ensuring clear communication with relevant stakeholders.
  • Collaborate with threat intelligence and threat-hunting teams focused on IT and OT environments to enhance the organization's security posture.
  • Provide IT and OT network subscribers with incident response support, including recommending mitigating actions and facilitating forensic analysis when necessary.

Business Continuity & Disaster Recovery:

  • Contribute to the creation of business continuity and disaster recovery plans, particularly for IT and OT systems, including conducting tests, publishing results, and addressing identified deficiencies.
  • Ensure that business continuity plans are aligned with organizational goals and regulatory requirements.

Security Information & Event Management (SIEM):

  • Work with security information and event management (SIEM) platforms to manage and tune the system for both IT and OT environments.
  • Create and manage detection content in SIEM systems, ensuring active monitoring of alerts and appropriate response strategies.

Threat Intelligence & Analysis:

  • Develop and refine strategies for real-time security monitoring in both IT and OT environments, ensuring a proactive stance against emerging threats.
  • Research and stay informed about emerging threats and vulnerabilities relevant to IT and OT domains to improve incident detection and response capabilities.
  • Oversee the collection of intelligence from various credible sources, both internal and external, to identify potential threats and vulnerabilities in IT and OT environments.
  • Analyze gathered intelligence to extract actionable insights, identify trends, and understand adversary tactics, techniques, and procedures (TTPs) for both IT and OT.

Collaborative Security Strategy:

  • Collaborate with internal and external stakeholders to integrate IT and OT security monitoring tools and processes, ensuring a cohesive security strategy across the organization.
  • Formulate a robust threat intelligence strategy that aligns with the organization's broader security goals and risk management framework for both IT and OT environments.
  • Analyze threats using intelligence from various sources, anticipating and mitigating potential attacks across IT and OT systems.

QUALIFICATIONS:

  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • Professional certifications such as CISSP, CISM, or GICSP are highly desirable.
  • Minimum of 8 years of experience in a security operations role with at least 3 years in a managerial position.
  • Proven experience in both IT and OT security environments.
  • Strong analytical skills and experience with security information and event management (SIEM) systems.
  • Excellent communication and leadership skills.
  • Proven experience in SOC operations, including managing teams of SOC analysts and engineers in both IT and OT environments.
  • Extensive knowledge of security tools, firewalls, intrusion detection systems, and SIEM platforms.
  • Strong understanding of IT and OT security threats and vulnerabilities, including attack vectors, adversary tactics, techniques, and procedures (TTPs).
  • Familiarity with business continuity and disaster recovery planning for IT and OT systems.
  • Strong leadership, communication, and collaboration skills, with the ability to work across multidisciplinary teams.


Job ID: 137154285