
Manager IT Security Operations Full-time Job

1 week ago   Security & Safety   Manama   2 views Reference: mWZdPEx4eKg
Job Details

ABOUT THE JOB

The IT Security Operations Manager will manage and maintain the integrity and security of Batelco’s information systems and assets by leading the Security Operations Center (SOC). The SOC is a centralized function for security event monitoring and incident response across the IT environment and ensuring effective collaboration within IT and across the organization, ensuring alignment of security efforts with organizational objectives. He/She is accountable for planning, directing and coordinating the team's efforts to ensure secure IT operations, prevent and respond to security incidents, and implement robust security measures that proactively safeguard organizational IT systems and data against unauthorized access, use, disclosure, disruption, modification, or destruction.

JOB RESPONSIBILITIES

1. Security Strategy and Policy:
- Develop and execute a comprehensive IT security strategy aligned with the company's overall objectives.
- Collaborate with key stakeholders to define, implement, and enforce IT security policies, standards, and procedures to safeguard organizational data and IT assets.
- Monitor compliance with security policies, identify gaps, and implement corrective actions to address deficiencies.
- Ensure that security strategy aligns with industry best practices and regulatory requirements.

2. Security Incident Management:
- Lead incident response efforts, coordinating with internal teams and external partners to contain and resolve security incidents promptly.
- Oversee security event monitoring, security incident analysis, containment, eradication, recovery, and documentation in the Security Operations Center.
- Establish protocols for reporting, investigating, and mitigating security breaches.
- Develop and maintain an incident response plan and conduct regular tabletop exercises to ensure readiness.
- Oversee and facilitate the technical implementation of the plan.
- Conduct thorough post-incident analysis to identify root causes, vulnerabilities, and lessons learned to prevent future occurrences.
- Produce security incident reports summarizing investigation findings, containment efforts, and remediation steps for stakeholders.
- Provide reports to business senior leaders related to top risks to enable proper and faster decision making related to cyber threats and budget allocations.
- Provide mentorship and training to junior security engineers and SOC analysts in incident response procedures.

3. Security Operations Center (SOC) Management:
- Oversee the daily operations of the SOC, including security event monitoring, threat detection, and incident response.
- Define and maintain security operations metrics and Service Level Agreements (SLAs).
- Identify the security and incident reporting that allows the team and stakeholders to consume efficiently.
- Maintain up-to-date knowledge of emerging security threats, vulnerabilities, and security technologies through continuous monitoring of industry news, advisories, and threat intelligence sources.
- Identify, acquire and integrate new technologies and security products within the SOC operations.
- Serve as an escalation point for critical incidents and provide technical expertise to SOC analysts during incident investigations.
- Ensure SOC analysts adhere to incident handling procedures, security protocols, and data protection policies.

4. Security Architecture and Technology Implementation:
- Work closely with Enterprise architects and IT teams to align IT and security architecture to protect information.
- Support evaluation, implementation, and maintenance of security technologies, such as SIEM, intrusion detection systems (IDS), intrusion prevention systems (IPS), endpoint detection and response (EDR), vulnerability scanners, and other security tools.
- Define requirements for security tools implementation.
- Recommend technology upgrades and modifications.
- Evaluate vendors and new solutions for capabilities and integration.
- Collaborate with vendors to manage security projects and implementation of security controls.

5. Vulnerability Management and Threat Intelligence:
- Establish vulnerability management plan (risk assessment, patching, incident response, configuration management, account management).
- Develop and implement a vulnerability management program to identify and remediate security vulnerabilities across IT infrastructure.
- Direct and oversee vulnerability scans of applications and infrastructure including but not limited to web application security vulnerability identification tools, system vulnerability scanners and source code vulnerability tools.
- Provide detailed recommendations to teams including process changes, security hardening, patch identification and changes to application.
- Collect, analyze, and disseminate threat intelligence information to improve security posture and enhance threat detection capabilities.
- Perform continuous evaluation of external and internal cyber security threats (Zero Day exploitations), ensuring the risk and impacts are fully understood, and recommend/develop countermeasures to mitigate.
- Implement threat modeling methodologies to prioritize remediation efforts.

6. Security Awareness and Training:
- Develop and conduct security awareness training programs to educate employees about security risks and best practices.
- Prepare employee awareness material on the relevant subjects: information and network security, personal device security, information privacy and security during travels, etc.
- Coordinate phishing simulation exercises to test employee awareness and identify areas for improvement.
- Collaborate with HR and Communication Departments on company’s cybersecurity awareness campaigns.
- Ensure that personnel receive role-based security training to address specific security responsibilities.

7. Business Continuity and Disaster Recovery:
- Contribute to the development and maintenance of business continuity and disaster recovery plans.
- Conduct regular testing and validation of disaster recovery procedures to ensure business resilience.
- Develop testing scenarios.
- Identify single points of failure for processes and applications to provide high availability.

Qualifications & Experience:
- Bachelor's degree in computer science, information security, or related field.
- At least 7 years of experience in IT security with at least 5 years of experience managing IT security operations team, incident response, and security engineering.
- Professional certifications such as CISSP, CISM, or SANS GIAC certifications are a must.

Knowledge & Skills:
- Demonstrates strong expertise and advanced skill in Information Technology and cyber security practices.
- Possesses understanding of regulatory requirements for cyber security (SAMA CSF, PCI DSS).
- Experienced with SIEM deployment, optimization and rule creations (QRadar is preferred).
- Knowledge in data security and regulatory policies like GDPR, CCPA.
- Experience with enterprise IT security architecture frameworks.
- Ability to think strategically and balance short-term and long-term goals.
- Experience and ability to successfully handle high stress situations, particularly with critical impact to Batelco business and IT.
- Experience in Incident Response Planning.
- Understanding of Penetration Testing Techniques.
- Must have a clear understanding of the Vulnerability Management Plan.
- Understanding of cloud architecture and security frameworks.
- Extensive experience working on large projects with interdependencies across multiple areas of the business.

Company Description
Batelco is the leading communications solutions provider in the Kingdom of Bahrain and a company of the Beyon group. Batelco serves both the private and public sectors with cutting-edge fixed and wireless telecom solutions. Batelco has played a pivotal role in the country's development as a major communications hub and has positioned Bahrain at the forefront of regional innovation.