National Development Bank PLC (NDB)
Job description
SOC Manager - Deputy Manager
The Job
• Act as the primary point of contact for all escalations and communications with the Managed SOC service provider.
• Follow guidance set out by IT Security’s CTI VM team in conducting threat hunting and vulnerability assessments, and incorporate the same with SIEM and SOC.
• Oversee the monitoring of security alerts and incidents by the SOC.
• Managing and optimizing the SIEM will be done by the CTIVM team. The SOC Manager needs to collaborate with the CTIVM team in developing/improving use cases, playbooks and automated processes, and in identifying and managing log sources and levels for the SIEM.
• Coordinate the response to security incidents, including investigation, containment, and remediation.
• Support post-incident analysis with the SOC provider to identify root causes and improve future responses.
• Analyze security data to identify trends, patterns, and potential threats.
• Develop and implement SOC processes and procedures, and ensure they meet regulatory requirements by conducting periodic compliance audits.
• Integrate AI and other advancing technologies in log analysis and automation.
• Communicate security incidents and risks to senior management, and prepare and present regular security reports for the management.
• Ensure seamless collaboration and communication between the Internal/External teams and the Managed SOC provider.
• Monitor the performance and service delivery of the Managed SOC provider as per the agreement.
• The SOC Manager is responsible for ensuring that SOC operations and reporting are conducted in accordance with the guidelines set out by CBSL’s Regulatory Framework on Technology Risk Management and Resilience for Licensed Banks.
The Person
• Bachelor’s degree in Computer Science, Information Technology, Information / Cyber Security.
• Relevant certifications such as CISSP, CISM or other preferred qualification.
• Proven experience in a SOC or similar security role.
• Strong knowledge of cyber security principles, practices, and technologies.
• Excellent communication and problem-solving skills.
• Experience with SIEM tools will be an added advantage.
• Familiarity with threat intelligence platforms and incident response frameworks.
• Understanding of network and endpoint security technologies, and ability to work in a fast-paced and dynamic environment.