SOC Manager
  • United Arab Emirates, Dubai
  • Deriv
Posted 31.12.2023
NICE category: Oversee and Govern
NICE specialty area: Cybersecurity Management
Job Description

Job Information

Industry
Cyber Security & IT

City
Dubai

Province
Dubai

Country
United Arab Emirates

Postal Code
337-1500


Job Description
Challenging, greenfield, and unconventional — those are the operative words that describe this SOC Manager role best!


Challenging, because you will be responsible for triaging and acting upon the events generated by well over 1200 endpoints, more than 200 on-prem and cloud applications, and several hundred servers on 5 continents. And it’s not only about detection and response either, but also very much about structural solutions.

Greenfield, because you get to decide how our SOC will be shaped in all its aspects! And there is more good news: we already have a sizeable pool of highly talented engineers and analysts nicely spread across time zones, so there is no need to burn the midnight oil — during normal operations, of course!

Unconventional, because we do things the Deriv way! Among others, this means that you are hands-on and that you lead from the front. You thoroughly understand SOC Operations from a management point of view and a technical angle. And you are not afraid to code your own automation functions for detection and response should that be necessary.

Your challenges

Establish and execute a comprehensive SOC strategy that effectively identifies, prevents, detects, and responds to complex and sophisticated cyber threats in a constantly evolving threat landscape while maintaining high levels of availability, integrity, and confidentiality of critical assets and data.
Recruit, mentor, and retain talented SOC engineers and security analysts from diverse backgrounds and cultures, build a collaborative and high-performing team culture, and promote continuous learning, innovation, and knowledge-sharing across multiple geographies and time zones.
Manage and maintain (and possibly develop our own) security tools and technologies, including SIEM, IDS/IPS, and threat intelligence feeds.
Ensure issues only happen once. Design, implement, and continuously improve incident management processes, procedures, and workflows that minimise the impact of security incidents on the business and its customers.


Requirements

15+ years of work experience
5+ years of SOC management experience
Intimate knowledge of and passion for cybersecurity
Hands-on technical skills (Think of Linux system administration, cloud technologies, coding, pen testing and/or database administration.)
Ability to stay calm and collected in stressful situations
In sum: you know your stuff, you’re on the ball, you know how to fix things, and you keep a cool head.

What’s good to have

Work experience as a coder, system or database administrator, or security researcher


Benefits

Exciting work challenges
Competitive salary
Health benefits
Training sessions and webinars to help you advance your career
Intensive and interesting onboarding programme
State-of-the-art tech stack
Inspiring work environment and creative freedom

Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0002   Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats and vulnerabilities.
  • K0033   Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
  • K0038   Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
  • K0042   Knowledge of incident response and handling methodologies.
  • K0043   Knowledge of industry-standard and organizationally accepted analysis principles and methods.
  • K0046   Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
  • K0054   Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
  • K0072   Knowledge of resource management principles and techniques.
  • K0150   Knowledge of enterprise incident response program, roles, and responsibilities.
  • K0167   Knowledge of system administration, network, and operating system hardening techniques.
  • K0169   Knowledge of information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures.
  • K0180   Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.

Required Skills
  • S0027   Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.

Required Abilities
  • A0128  Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.