Security Operations Manager

Purpose:

As part of the Security Operations team, this role is the Etihad subject matter expert, responsible for specific operations security services defined as part of the security operations service catalogue.The Security Operations Manager manages the technical delivery of supplier provided Security Operations services to agreed service level standards. The role oversees the day-to-day information security operations, including monitoring, analysis, detection and escalation of Information security risks and threats.

Accountabilities:

• Manage the technical delivery of security services by the managed security services providers. Specifically:

CrowdStrike, as the focal point for Falcon Complete, managing the relationship, responsible for CrowdStrike sensor deployment and configuration across the Etihad environment and operating model compliance.

Izoologic for Brand Protection managing incidents and working with all areas of Etihad business

IBM for delivery of Managed Security Services.

• Serve as the key point of contact for information security operational requests.
• Review supplier provided reports and ensure adherence to agreed SLAs.
• Ensure effectiveness of security services provided by the managed services provider for detection, prevention, protection and remediation of security incidents.
• Work as part of the incident response team on a 24x7x365 rota, with responsibility for all security related incidents (P1-P4).
• Ensure the enforcement of information security controls to Etihad security standards, policies and regulatory
• requirements by the managed services provider.
• Provide support for information security investigation requests.
• Report status of information security situational awareness as requested.
• Ensure that the service provider applies security policies, requirements and controls to all supported platforms.
• Manage security services providers, to define and document security procedures and configurations
• Internal stakeholder management, providing information up to Head of Cybersecurity and Head of Technical Systems on escalations and resolution progress; respond to stakeholder queries on information security operations.
• External stakeholder management, account Managers of managed service providers and suppliers and delivery personnel of managed service providers and suppliers.

Education & Experience:

• Deep knowledge and experience of endpoint detection and response (CrowdStrike preferred)
• Knowledge of and experience with Information Security operations tools including SIEM, IDS/IPS, End-point security, IAM, Email Security and DLPrequired.
• Understanding of ISO27001 and NIST and UAE Govt Cybersecurity standards, international and local regulations pertaining to Information Security and data privacy.
• Proficiency in industry standard Service Management Operations principles: Incident Management, Vulnerability Management, Change Management etc.
• Ability to manage execution of projects by security services providers and internal teams
• Very good written and oral communication skills required
• Graduate degree in Computer Science, Management Information Systems or equivalent