Manager - Threat Hunting.MGN Egy - Information Security Governance.Risk Management-MEGPCOE

Administration:

Leads the administration of SOAR (Security Orchestration and Response solution) solutions within the Cyber Defense Center, enhancing the efficiency and effectiveness of an organization’s security operations through the use of automation and orchestration. 

This role involves working closely with the security operations team to develop automated workflows, integrate various security tools, and respond to security incidents efficiently 

SOAR Manager effectively streamlines security operations, improve incident response times, and enhance overall cybersecurity resilience

• Technical Proficiency: Deep understanding of security technologies, including SOAR (Security Orchestration and Response solution) platforms, threat intelligence platforms, SIEM solutions and other cyber monitoring tools and technologies.
• Design, implement, optimize security workflows, Create automated playbooks and ensure proper orchestration between multiple security tools and systems
• Automation and Scripting: Proficiency in scripting languages such as Python, PowerShell, or Bash to automate repetitive tasks and integrate different security tools.
• Incident Response: Strong knowledge of incident response processes and frameworks, including the ability to coordinate response efforts during security incidents.
• Analytical Skills: Ability to analyze complex security data, identify patterns, and make informed decisions to enhance security operation.
• Project Management: Experience in managing projects, including planning, execution, and monitoring of SOAR implementations and improvements

Essential knowledge

• Have over 8+ years of rich experience in information security domain and at least 4-6 years of dedicated experience in Security Incident Response using SOAR solutions. 
• Hands on experience in implementing and operationalizing SOAR tools preferably on Sentinel or Splunk SOAR, Palo Alto Cortex XSOAR, or IBM Resilient 
• Familiarity with advanced SOC monitoring technologies, risk, threat and security measures. 
• Knowledge across the SOC domains including governance, control frameworks, policies, compliance management, risk management and incident response etc.
• Preferably worked in BFSI domain with proven experience in SOC function.
• Knowledge of key security standards and regulations such as NIST 800-61, CERT/CC, PCI, ISO 27035 etc.

Skills and Application 

• Automate potential resilient security processes to ensure continuous compliance with security best practices.
• Maintaining up-to-date knowledge of security trends, threats, and countermeasures
• Assess and design security posture SOAR solutions, tools and methodologies
• Reviewing use cases/playbooks for SOAR tools
• Continuously monitor security hygiene and performance using tools and processes
• Collaborate with other IS teams, Ops and tech teams on enhancing security incident response resilience

Other

• Sound knowledge of evolving advanced tech stacks and related control and risk universe from a SOC perspective.
• The ideal candidate will have a technical or computer science degree.
• Professional certifications: GCIH, CISSP, CEH etc.