Cybersecurity Operations Center (SOC) Director

Job Specific Accountabilities:

Cyber Threat Monitoring and Detection

• Oversee the 24/7 operation of the Security Operations Center (SOC), ensuring continuous monitoring of cyber activities to detect and respond to threats promptly.
• Lead cybersecurity data analysis teams, utilizing advanced analytical techniques to identify potential threats and analyze abnormal patterns in networks and systems.
• Develop advanced methodologies for early cyber threat detection, enhancing SOC capabilities in identifying suspicious activities before they escalate.
• Supervise regular penetration testing and security assessments to identify and mitigate vulnerabilities proactively.
• Identify cyber threats relevant to the organization, provide recommendations for addressing security gaps, and assess global cyber threats for potential impact.
• Optimize the Vulnerability Management Program by identifying, classifying, reporting, and tracking security vulnerabilities until resolution.
• Ensure the effective operation of the Security Operations Monitoring Center, define required security logs, develop dashboards to monitor cybersecurity status, and generate necessary reports.
• Conduct security assessments of the organization's technology infrastructure to ensure its integrity and identify any indications of breaches or cyber threats, while performing digital forensic analysis to detect ongoing threats.

Incident Response and Digital Forensics

• Lead cybersecurity incident response operations, coordinating emergency teams to ensure efficient handling of attacks and minimizing their impact.
• Oversee digital forensic investigations following security incidents to extract critical evidence, identify the source of threats, and develop preventive measures.
• Develop and maintain effective cybersecurity incident response plans covering multiple attack scenarios, ensuring periodic testing for effectiveness.
• Provide detailed analytical reports on cybersecurity incidents, including root cause analysis and recommendations for strengthening security measures.
• Monitor and address cybersecurity incident reports received from the National Cybersecurity Authority, ensuring timely resolution.

Cybersecurity Governance and Compliance

• Ensure the implementation of cybersecurity policies and procedures within the SOC, aligning with local and international regulatory frameworks and standards.
• Ensure compliance with cybersecurity regulations issued by relevant authorities and oversee internal and external audits to enhance adherence.
• Lead the development and improvement of the Minimum Baseline Security Standards (MBSS) at the organization level to ensure maximum protection of systems and data.
• Ensure the creation and periodic updating of cyber threat detection models, as well as the development of guidelines and instructions for handling anticipated cyber incidents.

Cybersecurity Infrastructure Development

• Oversee the operation and enhancement of advanced cybersecurity solutions, ensuring seamless integration with the organization's technology infrastructure.
• Direct security system updates and periodic improvements to tools and technologies used for monitoring and responding to cyber threats.
• Utilize artificial intelligence and machine learning to enhance SOC capabilities in predicting and mitigating cyber threats more effectively.
• Lead cybersecurity digital transformation projects to improve SOC operational efficiency and strengthen system resilience against evolving threats.

Minimum Qualification and Experience:

• Bachelor's degree in information security, Information Technology, or a related field.
• 8+ years of experience in Managing Security Operations Centers (SOC), Security analysis tools and techniques, Penetration testing and vulnerability management, Compliance standards and security frameworks, Cybersecurity strategies and risk assessment, or any other relevant field.
• Preferred at least 2 years in a leadership role.