Senior Manager – IS – Risk Management.MGN EGY – ISG – Information Security Program.Risk Management-MEGPCOE

To develop, manage, and execute cyber security project across Mashreq to – 

• Lead and oversee the strategic operations of the Cyber Defense Center (CDC) to ensure effective monitoring, detection, analysis, and response to advanced cybersecurity threats.
• Develop and implement security strategies, policies, and procedures to manage and mitigate risks across the organization.
• Guide and mentor the team in using SIEM platforms (Azure Sentinel & ArcSight preferred) and other security solutions to address complex and critical security events.
• Coordinate with senior leadership and external stakeholders to enhance the organization’s security posture and ensure compliance with regulatory requirements.

• Strategic Security Management:
  • Develop and implement strategies for monitoring and responding to security events from SIEM systems (Azure Sentinel & ArcSight preferred).
  • Analyze and respond to security events from diverse data sources such as firewalls, IDS/IPS, antivirus solutions, DAM systems, web servers, proxies, and banking applications.
• Advanced Threat and Incident Management:
  • Create and refine alert rules and logic in SIEM to detect significant events and threats.
  • Perform precise, real-time analysis and correlation of logs/alerts from multiple sources.
  • Utilize established policies, standards, and procedures to classify security alerts as incidents and guide incident response efforts.
• Leadership and Improvement:
  • Improve incident response times and reduce false positives by refining detection capabilities and processes.
  • Assist in the design, implementation, and execution of security awareness programs and risk-based security controls analysis.
  • Update and enhance processes and policies (SOPs, playbooks, runbooks) with a deep understanding of cybersecurity best practices.
• Cross-Functional Collaboration:
  • Collaborate with compliance, audit, and regulatory teams to provide necessary information, data, and evidence.
  • Keep up-to-date with industry knowledge and trends to maintain a high level of security proficiency.

• Educational Background:
  • Graduate/Postgraduate degree in Science, Engineering, or IT.
• Certifications:
  • Minimum of 2 professional certifications from CISSP, CISM, CRISC, CISA, or equivalent.
• Experience:
  • Extensive experience in SIEM design and implementation, with a strong background in Cyber Defense Center or Security Operations Center roles.
  • Over 12 years of experience in SOC & CDC, with proven leadership skills and expertise in managing complex security operations.
• Skills:
  • Proficiency in managing SIEM policies and enhancing security operations.
  • Strong analytical skills for evaluating security requirements and implementing appropriate controls.
  • Excellent documentation and report writing skills.
  • Knowledge of the banking environment is advantageous.