The SecOps Manager will be responsible for the overall security operations of the organization. This includes managing and overseeing the implementation of security systems, policies, and procedures to ensure the confidentiality, integrity, and availability of the organization's systems and data across all the information and operational technology systems of the Dubai Metro and Dubai Tram environments. Other responsibilities may include conducting risk assessments, incident response, vulnerability management, security audits, and security training for employees. Additionally, the SecOps Manager works closely with other departments and stakeholders to coordinate and implement effective security measures and ensure compliance with relevant regulations and standards for both IT and OT.
Responsibilities
Manage the SecOps Team, oversee the implementation of the information security management system developed by the Rail OT Networking and Cybersecurity Manager and ensure that the organization's security needs are met.
Conduct risk assessments, incident response, vulnerability management, security audits, and security training/education for employees and SecOps Team members.
Helping to design and implement security policies and procedures that meet industry standards and regulations, such as DESC, ISO 27001 and the NIST SP 800 series.
Developing and maintaining a security framework that defines the organization's security objectives, controls, and monitoring processes.
Selecting and implementing security technologies that align with the organization's security needs, such as firewalls, intrusion detection systems, and encryption solutions.
Coordinating with other departments and stakeholders to ensure that security is integrated into the overall systems architecture and that security requirements are considered when new systems or services are deployed.
Ensuring that the security architecture is regularly reviewed and updated to address changing security threats and technology trends.
Overseeing the setup, configuration, and maintenance of the SOC and SIEM systems. This includes ensuring that the systems are properly integrated with other security technologies and aligned with the organization's security policies and procedures.
Managing the day-to-day operations of the SOC and SIEM systems, including monitoring security events and alerts, responding to incidents, and conducting investigations.
Ensuring that the SOC and SIEM systems are properly configured to detect and respond to security threats in a timely and effective manner. This may involve tuning the systems to reduce false positive alerts and improve overall accuracy.
Developing and implementing security policies and procedures for the SOC and SIEM systems, such as incident response and investigations, based on the guidance of the Rail OT Networking and Cybersecurity Manager.
Working with other departments and stakeholders to ensure that the SOC and SIEM systems are aligned with the overall security needs of the organization.
Conducting regular security audits and assessments of the SOC and SIEM systems to ensure that they are functioning properly and meeting the organization's security needs.
Providing training and guidance to security analysts and other members of the SOC to ensure that they are effectively using the SIEM and other security technologies to detect and respond to security incidents.
Conducting penetration testing to identify vulnerabilities in the organization's systems and applications.
Documenting and reporting the findings of security assessments and providing recommendations for remediation.
Staying up-to-date with the latest hacking techniques and tools.
Supporting the Rail OT Networking and Cybersecurity Manager with the preparation of regular reports on the security status of the organization's systems and networks.
Developing security budgets: The SecOps Manager may work with the Rail OT Networking and Cybersecurity Manager to develop security budgets and allocate resources to security initiatives.
Ensuring that any maintenance tasks are conducted and closed on time by the SecOps Team.
Key Skills
Technical Knowledge: Extensive knowledge of security technologies, frameworks, and best practices, as well as the ability to identify and assess security risks and develop strategies to mitigate them.
Incident Response: Experience in responding to security incidents and conducting investigations.
Network Security: Knowledge of next-generation firewalls, network intrusion detection systems, security information and event management (SIEM) solutions, endpoint protection, detection and response (XDR) solutions, vulnerability scanners, and other network security technologies.
Operating Systems: Expertise in Windows, Linux, and other operating systems.
Programming Languages: Proficiency in at least one programming language, such as Python.
Cloud Security: Understanding of cloud security best practices and experience with cloud platforms such as Microsoft Azure.
OT and Critical Infrastructure: Knowledge of securing BICT systems as well as OT systems in critical infrastructure, in the transport sector and ideally in the rail industry.
Risk Management: Ability to assess security risks and implement measures to mitigate them.
Leadership: Excellent leadership and management skills, including the ability to lead and manage a team of security professionals.
Communication: Excellent communication and collaboration skills to work with different departments and stakeholders.
Compliance: Knowledge of relevant security regulations and standards, such as DESC (ISR and ICS), ISO 27001 and the NIST SP 800 series publications, and the ability to ensure that the organization complies with them.
Problem-Solving: Strong problem-solving skills and the ability to think critically and find creative solutions to complex security challenges.
Teamwork: Ability to manage people, work well in a team environment and collaborate effectively with other technical and non-technical teams.
Adaptability: Ability to quickly adapt to changing security threats and technology trends.
Organizational Skills: Excellent organizational skills and the ability to prioritize tasks and manage multiple projects effectively.
Continuous Learning: A commitment to continuous learning and professional development to stay up-to-date with the latest security trends and technologies.
Knowledge Required
Extensive knowledge of security technologies, frameworks, and best practices
Ability to identify and assess security risks and develop strategies to mitigate them
Experience in responding to security incidents and conducting investigations
Knowledge of common security vulnerabilities and the ability to identify and address them
Understanding of relevant security regulations and standards, such as DESC, ISO 27001 and the NIST SP 800 series
Excellent communication and collaboration skills to work with different departments and stakeholders
Experience
At least 7 years of experience in security operations, including experience leading and managing a team of security professionals
Extensive experience in Level 2 and 3 SOC Analyst roles.
Extensive experience in conducting vulnerability assessments and penetration testing in critical environments.
Qualifications
Bachelor's or Master's degree in Computer Science, Information Security, Networking or a related field
Relevant certifications, such as Certified Ethical Hacker (CEH), Certified Cloud Security Professional (CCSP) or CompTIA Security+ are highly desirable