Security Operations Manager

Req ID:429803 

We create smart innovations to meet the mobility challenges of today and tomorrow. We design and manufacture a complete range of transportation systems, from high-speed trains to electric buses and driverless trains, as well as infrastructure, signalling and digital mobility solutions. Joining us means joining a truly global community of more than 38 900 people dedicated to solving real-world mobility challenges and achieving international projects with sustainable local impact.    

As part of Security Monitoring and Control team, Security Operations Manager will oversee the implementation and monitoring of Security operational controls inclusive of people, process and technologies. Key part of the responsibility will be to align Security operations to the best practices and frameworks across the industry, perform continuous review to improve the effectiveness of the Sec operations. Security Compliance Manager is also expected to manage the metrics program, assist in managing Security operations and lead improvement programs within the security function. Security Compliance Manager will work closely with Technology and Solution Architects, IS&T operations and business teams to manage overall security of the organization         

OVERALL PURPOSE OF THE ROLE:

The primary responsibility of the Security Operations Manager is to ensure security risks are identified and managed and within acceptable limits. The security manager will work closely with Design Authority, Solution Architects, IS Design, IS&T operations and business teams to manage security of the organization                     

RESPONSIBILITIES:

• Experience performing security monitoring and incident response and triage work in a 24/7 environment.
• Responsible for day to day operations of SOC, including management of partner resources
• Responsible for integrating various logs in the ecosystem and configuring policy sets to identify new and emerging threats in the organization
•  Feasibility engagements with business groups to ensure security requirements are discussed and incorporated early in the process. 
• Assesses risks and identifies issues and solutions to timely and efficiently achieve program goals or project objectives while maintaining security standards.
• Maintain an awareness of business, technical, architecture, infrastructure, and end user support issues and act as sounding board to aid in the development of creative solutions
• Uses judgment in data analysis to develop and design solutions.
• Develop and maintain measurable security metrics program; Assess performance to ensure that it meets the present and future needs of the business.
• Support business needs in developing and maintaining application, network and systems requirements in accordance with security standards
• Responsible for management of information security strategy, solutions, and ongoing technology refresh and enhancements 
• Analyze vulnerability management reports / external threats and recommend remediation actions based on application risk profile and environment. 
• Develop and validate related flows matrices and configuration standards for each provided technology with support of provider
• In-Depth understanding of various information security tools and technologies
• Develop and validate related flows matrices and configuration standards for each provided technology with support of provider.

TECHNICAL COMPETENCIES & EXPERIENCE 

To be considered for this role, candidate need to demonstrate the following skills experience and attributes:    

Bachelor’s/Master’s degree in Engineering/Technology or related field

Minimum 6-8 years of relevant IT experience

Hands-on experience with one of the major SIEM platforms in use i.e Splunk, QRadar, Arcsight

Experience performing security monitoring and incident response and triage work in a 24/7 environment.

Professional industry standard certifications like CISSP, CEH, GIAC, CISM, etc. will be an added advantage

Experience with various IT / Security technologies - including, Active Directory, DNS, Messaging, Firewalls/ VPN Gateways, IPS, Proxy, WAF, PKI, IAM, etc.

Proficient hands-on experience and understanding of various security tools and technologies.

Exposure to forensic lifecycle process including securely acquiring the image, analyzing it and extracting the relevant data as per the investigation requirements

Must understand and have worked in the security operations centre for minimum of 2 - 4 years

Demonstrated leadership experience in the area of Security Operations

Good understanding of tools like CyberArk, PingIdentity, Sailpoint, Qualys, Veracode

Experience in an operational role working directly with internal and external customers, trouble ticketing systems, and incident management

Solid understanding of ITIL process framework

Proven planning, prioritization, and organizational skills

Demonstrated drive for continuous learning, results-orientation, and teamwork

Ability to drive change through innovation & process improvement

Ability to manage projects and drive action items with customers and cross-functional peers

Proven crisis management skills

Professional & concise communication (written & verbal)

Ability and flexibility to adapt to change, including shifting and competing priorities

Demonstrated ability to be a big picture thinker, strategist, and long term planner

Strong analytical skills with demonstrated problem solving ability.

Project management skills with a proven ability to design workable solutions will be an added advantage.

Exposure to ISO 27002 and ISO 27005

An agile, inclusive and responsible culture is the foundation of our company where diverse people are offered excellent opportunities to grow, learn and advance in their careers.  We are committed to encouraging our employees to reach their full potential, while valuing and respecting them as individuals.