ASMO is a groundbreaking joint venture between DHL and Saudi Aramco. Inheriting DHL's logistics excellence and Saudi Aramco's extensive supply chain ecosystem, we are here to set a new benchmark and redefine the procurement and supply chain landscape, enabling growth.
ASMO aims to be operational in 2025 and provide reliable end-to-end integrated procurement and supply chain services for companies across the industrial, energy, chemical, and petrochemical sectors. Our focus customers in the short term will be Saudi Aramco and its Affiliates. In the long term, all the industrial sectors within Saudi Arabia aim to reach the MENA region.
Objective:
The Security Operations Center (SOC) Manager is responsible for overseeing the day-to-day operations of ASMO's Information Security Operations Center. The SOC Manager will oversee the identification, analysis and response to information security incidents, and ensure that the SOC unit follows the incident response procedures established by the CISO.
General Responsibilities:
- Contribute to the development and execution of the Information Security department's short to mid-term strategic plan to ensure alignment with the Information Security department's strategic priorities, and the corporate goals by leading the Security Operations unit.
- Contribute to the development of annual business plans for the assigned areas of responsibility in the Security Operations unit to support the achievement of financial and strategic objectives.
- Monitor, control and report key performance indicators related to the Information Security department to track performance and recommend corrective actions through the perspective of the Security Operations unit.
- Ensure that the SOC unit follows established incident response procedures, coordinate incident containment and eradication efforts, and manage the escalation and communication of incidents to appropriate stakeholders, such as the CISO.
- Maintain security monitoring systems and tools within the SOC; continuously monitor ASMO's information security systems to detect potential security breaches.
- Maintain security incident response plans and procedures; conduct periodic drills and exercises to test and improve incident response capabilities within the SOC.
- Track key performance indicators (KPIs) and metrics to measure the effectiveness of SOC operations; prepare regular reports on security incidents, response times, trends, and other relevant metrics to communicate current state to relevant stakeholders such as the CISO and the IT Security GRC Manager.
- Collaborate with ASMO's internal teams, such as Legal, HCD, or Technology, to conduct forensic investigations following security incidents.
- Ensure that SOC operations and incident response processes comply with relevant industry regulations, standards, and data protection requirements.
- Manage the activities of direct reports to ensure that all work is carried out in an efficient manner, in line with the annual business plans, policies and procedures.
- Manage the performance management process by setting annual objectives, and developing staff through mentoring, coaching and constructive feedback.
- Identify employees training and developmental needs and in conjunction with Human Capital Department bridge the knowledge gaps to ensure continuous progression, and high-level of competence within the team.
- Contribute to defining an optimum structure for the Information Security department via the Security Operations unit, to ensure smooth workflow of operational processes and optimal utilisation of resources.
- Provide input into the preparation and consolidation of the Information Security department's budget with regards to the Security Operations unit, monitor financial performance during the year and identify areas of unsatisfactory performance (if any), and recommend mitigating actions.
- Identify and manage implementation of change initiatives on systems, processes and practices considering international leading practices, and/or other changes in the business environment.
- Recommend improvements to departmental procedures, and ensure implementation of policies, procedures, systems and controls covering the Security Operations unit so that all activities meet ASMO's standards, compliance, and regulatory requirements, align to business requirements, and increase operational efficiency.
- Identify opportunities for the continuous improvement of systems, processes and practices considering international leading practices, in order to increase operational effectiveness within the unit.
- Ensure that all relative reports are prepared timely and accurately, and meet the Information Security department's requirements, policies and standards.
- Ensure compliance with regulatory requirements and relevant quality, health, safety, security and environmental procedures and controls across the Information Security department to guarantee employee safety and delivery of high-quality services.
Qualifications:
- Bachelor's degree in computer science, information technology, information security, cybersecurity or equivalent from a recognized and accredited university is required.
- Master's degree in computer science, information technology, information security, cybersecurity or equivalent from a recognized and accredited university is preferred.
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or any other relevant certification preferred.
- Demonstrated proficiency in oral and written English.
- 9 years experience in the same Field, out of which 3 years at a supervisory position or similar level.