Career Opportunities at Old Mutual South Africa

Job Description

The Security Operations Centre (SOC) Lead will plan, direct and control the SOC functions and operations. Ensure the monitoring and analysis of incidents to protect People, Technology and Process addressing all security incidents and ensuring timely escalation. Direct the Cyber Intelligence capability to identify potential threats delivering strategic reports and strategies to minimize the impact of the threat.

• Support implementation of the SOC strategy.
• Leading and managing the Security Operations and team of security operational staff members
• Primarily responsible for directing security event monitoring, management and response and cyber intelligence
• Ensuring incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
• Ensuring compliance to policy, process, and procedure adherence and process improvisation to achieve operational objectives
• Revising and develop processes to strengthen the current Security Operations Framework, Review policies and highlight the challenges in managing SLAs
• Responsible for overall use of resources and initiation of corrective action where required for Security Operations Center
• Ensuring daily management, administration & maintenance of security devices to achieve operational effectiveness
• Ensuring threat management, threat modeling, identify threat vectors and develop use cases for security monitoring
• Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt.

Job Requirements : Skills ,Experience and Qualifications

• IT related tertiary qualification
• Must have at least 5 yrs experience working within Security Operations Center AND using SIEM technologies
• CISSP, CASP, CCSP, SSCP, SANS GIAC:GMON GCIH, GCIA, GCFA, GCFE, GREM
• Must have deep technical understanding of core current cybersecurity technologies as well as emerging capabilities. Hands-on cybersecurity experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization including prior experience performing large-scale incident response.
• Must have demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework.
• Must be familiar with Cloud concepts and experience performing monitoring and responding to threats in Cloud environments.

Skills

• Security Equipments

Closing Date

15 March 2023