Manager, Security Operations Center - SOC/ FastTelco Subsidiary of Ooredoo Kuwait

• Manage Security Operations Centre and the Analyst staff associated with the SOC

• Manage Multi-vendor Siem Solution Technologies (Logrythmn / Wazuh, Snort ELK Stack, Qradar, Splunk )

• Lead SOC Team in Incident flow, detection, forensic investigations and resolution

• Build and develop SOC processes, procedures in close cooperation with our SOC operations

• Ensure all necessary information and security data are continuously being collected, correlated and analyzed to detect potential external and internal threats to Ooredoo & its clients.

• Define and review key security performance indicators that ensures proper service delivery and service improvements.

• Manage all day-to-day activities within the SOC to ensure effective operation of incident detection and response processes.

• Provide leadership, guidance and technical expertise to deliver a professional service to ooredoo and its clients.

• Ensure security detection, response, and recovery procedures are up-to-date, maintained and followed.

• Accountable for security incident management.

• Ensure proper integration and handover of new security services within the monitoring and detection capability of the SOC.

• Develop and provide reports on a regular basis to meet Ooredoo’s compliance and audit needs.

• Develop connectors and/or APIs for SOC integrations and perform level 3 security analysis function

• Configure and automate uses cases for security incidents and SOAR

• Manage and Detect Incidents by monitoring the SIEM console, Rules, Reports and Dashboards.

• Review and triage information security alerts, provide analysis, determine and track remediation, and escalate as appropriate

• Monitor the SIEM console resources to identify any anomalies and report violations

• Monitor emerging threats through Tools, Techniques, and Procedures (TTPs) and how they relate to the MITRE ATT&CK framework

• Report Incidents to concerned teams and Asset Owners

• Communicate with external teams in proper incident resolutions

Broad knowledge on threat analysis and experience in intelligence reporting * Manage Ooredoo and FT Business as usual SOC work orders

• Evaluate SOC equipment hardware/Software

• Manage security health-check monitoring of SIEM Solution and its components

• Plan and evaluate SOC equipment hardware and reflecting it to the inventory database, Research and introduce new technologies

• Manage and maintain all existing and new SIEM Solutions

• Manage SIEM security configuration, and architecture (including hardware & software technology, site location & integration of technologies.

• Resolve escalated issues from Ooredoo and FT SOC TTs

• Complete handover from Security Ooredoo and FT & complete new assigned Projects.

• resolve all security issue related to Ooredoo and FT

• Manage all devices with accessing (SIEM Solution )

• Extending the support to internal and external audit regarding their queries

• Explaining to internal and External audit the business requirements that leads to the current setup

Qualifications:

• Bachelor degree or Equivalent

Other Information:

• Hands -on experience in Cyber Security Monitoring, Threat Intelligence and SOC Operations in any private/government/ telecom/banking sector

• Preferred Technical security certifications (at least one) such as GIAC (GSOC), CompTIA (CySA+) , CompTIA Security+, EC Council (C|SA), LogRhythm Security Analyst (LRSA)

• Preference will be given to candidates having experience in public sectorISP Experience

• Familiar with Security Technology