Senior Manager - IS - Risk Management.MGN EGY - ISG - Information Security Program.Risk Management-MEGPCOE

Mashreq

Apply now Apply later

Posted 1 day ago

To develop, manage, and execute cyber security project across Mashreq to –

Lead and oversee the strategic operations of the Cyber Defense Center (CDC) to ensure effective monitoring, detection, analysis, and response to advanced cybersecurity threats.
Develop and implement security strategies, policies, and procedures to manage and mitigate risks across the organization.
Guide and mentor the team in using SIEM platforms (Azure Sentinel & ArcSight preferred) and other security solutions to address complex and critical security events.
Coordinate with senior leadership and external stakeholders to enhance the organization's security posture and ensure compliance with regulatory requirements.

Strategic Security Management:
- Develop and implement strategies for monitoring and responding to security events from SIEM systems (Azure Sentinel & ArcSight preferred).
- Analyze and respond to security events from diverse data sources such as firewalls, IDS/IPS, antivirus solutions, DAM systems, web servers, proxies, and banking applications.
Advanced Threat and Incident Management:
- Create and refine alert rules and logic in SIEM to detect significant events and threats.
- Perform precise, real-time analysis and correlation of logs/alerts from multiple sources.
- Utilize established policies, standards, and procedures to classify security alerts as incidents and guide incident response efforts.
Leadership and Improvement:
- Improve incident response times and reduce false positives by refining detection capabilities and processes.
- Assist in the design, implementation, and execution of security awareness programs and risk-based security controls analysis.
- Update and enhance processes and policies (SOPs, playbooks, runbooks) with a deep understanding of cybersecurity best practices.
Cross-Functional Collaboration:
- Collaborate with compliance, audit, and regulatory teams to provide necessary information, data, and evidence.
- Keep up-to-date with industry knowledge and trends to maintain a high level of security proficiency.

Educational Background:
- Graduate/Postgraduate degree in Science, Engineering, or IT.
Certifications:
- Minimum of 2 professional certifications from CISSP, CISM, CRISC, CISA, or equivalent.
Experience:
- Extensive experience in SIEM design and implementation, with a strong background in Cyber Defense Center or Security Operations Center roles.
- Over 12 years of experience in SOC & CDC, with proven leadership skills and expertise in managing complex security operations.
Skills:
- Proficiency in managing SIEM policies and enhancing security operations.
- Strong analytical skills for evaluating security requirements and implementing appropriate controls.
- Excellent documentation and report writing skills.
- Knowledge of the banking environment is advantageous.