Manager, Cyber Security Operations

؜ - ؜الرياض ؜ -

تفاصيل الوظيفة

‎1. JOB DETAILS:*
Position Title: Manager: Cyber Security Operations
Broad Band: M12: Management
Reports to: Director: Cyber Security
**Department & Function:
Ma 'aden Cyber Security
Talent Pipeline Layer: Managing Others (MO)
‎2. OVERALL JOB PURPOSE:
Manager: Cyber Security Operations is responsible for performing the daily
monitoring, maintenance and improvements to the security solutions deployed
across Ma 'aden on the perimeter, infrastructure, network-level, system-level
and database-level to monitor and protect MA'ADEN Corporate and Affiliates IT
(Information Technology) and OT (Operational Technology) resources and assets
within Saudi Arabia, India, Malawi, Zimbabwe, Mozambique, South Africa and
Mauritius. This position works closely with other functions to assist in the
security monitoring program, managing the Security Operations Center (SOC) for
Ma'aden within the seven countries, maintaining cyber threat situational
awareness of internal and external threats and vulnerabilities through
enhanced monitoring capabilities and oversight of systems and processes used
to assess security. Handle threat intelligence through strong partnerships and
communications with regulatory agencies, Cybersecurity providers, national and
global peers. This position is also responsible for catering to all access
management requests and changes as well as the incident response against in
Cyber attack / breach and recovery capability.It is also responsible of
handeling forensic invistigations and Root Cause Analysis (RCA) activites.

‎3. QUALIFICATIONS, EXPERIENCE & SKILLS:
Qualification:
‎1. Bachelor degree in Computer Science or Computer Engineering with an
advanced degree desirable

Experience:
‎1. At least ‎8-‎10 Years' relevant experience
Skills:
‎1. Mixed managerial, analytical and technical skills, and knowledge in all
aspects of Cyber security in multi IT / OT domains: database, development,
network operations, Data Centers, operating systems, Security Operations
Centers (SOC), security technologies, specific applications security, etc.

‎2. Good knowledge in business continuity planning and disaster recovery
management.

‎3. Good understanding of cyber security standards (ISO27001, ISO ‎22301, ISO
‎9001, NIST).

‎4. Certifications in information security field (e.g. CISM / CISSP / ISO
‎27001 / ISMS Lead Auditor )

‎5. Good understanding of IT service management practices
‎6. Certifications in ITIL is a plus
‎4. KEY ACCOUNTABILITIES:
Focus Area
Get results through individual contributions
Operational / Functional
‎1. Cyber Security Operations Management:
- Oversee and direct Cyber security activities to execute the Cyber
security program at all MAADEN including Corporate and Affiliates within Saudi
Arabia, India, Malawi, Zimbabwe, Mozambique, South Africa and Mauritius

*
Ensure that the rules of use for IT/OT systems and the administrative procedures for IT/OT systems comply with the MA 'ADEN's Cyber security policies.
*
Ensure that services provided by business and other enterprises, including outsourced providers are consistent with established Cyber security policies
*
Perform daily monitoring, maintenance and improvements as needed to the security solutions deployed across Ma 'aden on the perimeter, infrastructure, network-level, system-level and database-level
*
Maintain cyber threat situational awareness of internal and external threats and vulnerabilities through enhanced monitoring capabilities and oversight of systems and processes used to assess security
*
Monitor users, applications, networks, systems, and access to physical assets
*
Perform periodic review of audits logs (includes review and retention) of applications, networks, systems, and access to physical assets
*
Perform periodic user access review across Ma 'aden's registered users
*
Conduct physical and logical security control assessments (vulnerability assessment), security monitoring, detection, and security status reporting to enable informed decisions
*
Scans, analyzes, and apply countermeasures of vulnerabilities
*
Detects, analyzes, and eliminates viruses and malicious code
‎2. Incident Response Management:
*
Establish and manage capability to respond to and recover from disruptive and destructive Cyber systems incidnets
*
Design and implement processes for detecting, identifying and analyzing security related events
*
Develop incident handling recovery plans including organizing, training, and equipping teams
*
Ensure periodic testing of the response scenarios and recovery plans where appropriate
‎3. Business Continuity and Disaster Recovery Plan Management:
*
Execute, coordinate, maintain and supervise comprehensive Business Continuity and Disaster Recovery Programs, strategies, plans and procedures within the seven countries
*
Coordinate and manage activities related to the Business Continuity Plan (BCP) including the Disaster Recovery Plan (DRP)
*
Coordinate the maintenance of the BCP/DRP documentation
*
Primary liaison between key stakeholders of MA 'ADEN's BCP e.g. Senior Management, Directors and Managers, Staff, Consultants, vendors and auditors
‎4. Cyber Security Compliance:
*
Implement and comply with Cyber Security policies and procedures in the manufacturing environment
*
Participate and contribute in the early stages of design for manufacturing technologies and systems to ensure alignment with Cyber Security requirements and standards
*
Build the Cyber Security standards in terms of manufacturing and operational technologies in cooperation with Enterprise Cyber Security team and Process controls owners in Ma 'aden affiliates.
*
Participate in auditing activities to ensure security policies, requirements and best practices are effectively applied
‎1. Self & team consistently meets targets, due dates and quality standards
(production, service, advice, etc.)

‎2. Achieve Quality targets by Consistently reducing all non-value-adding
work

‎3. Cost target achievement by Consistently improving team productivity
‎4. All Plans and team objectives consistently executed and achieved in a
safe working environment

‎5. Productivity target achievement
‎6. Achievement of Saudization Targets
Leadership
‎1. Performance Management & Capability Building:
*
Lead the MA 'ADEN Corporate and Affiliates IT/OT security team: plan, organize, assign, supervise and monitor the work of team members
*
Review overall KPIs, performance and cyber security measures for all Ma 'aden IT and OT networks.
*
Reports Cyber security related performance KPIs.
*
Conduct periodic performance reviews of the staff.
*
Building required capabilities and competencies within Cyber security staff.
‎2. Planning & Budgeting:
*
Develop the ‎5 years business plan a budget for Cybersecurity Operations function.
*
Establish and maintain plans to implement the Cyber security operations projects.
*
Define annual Cyber security budget and obtain management approval.
*
Manage the Cyber security budget in implementing the Cyber security program.
*
Prepare the budget for cyber security Operations requirements
‎1. Establish High performance in the team through Goal clarity and
alignment of all team members (performance direction)

‎2. Drive Team performance and performance management through regular
performance reviews and giving recognition where it was due; Always deal with
performance issues in a proactive manner

‎3. Increase the Team skill level, succession and career progressions though
by enabling the achievement of development objectives for one self and all
team members

‎4. Change management and communication well communicated and effectively
executed across the business

‎5. Quality diversity decisions on opportunity utilization (Employee
Movements)

‎6. Creates a high performance culture and values driven environment (team
motivation and wellness) by Improving engagement and enablement levels that
results in high performance

‎7. Governance and legal compliance (audits and inspection)
‎8. Work alignment and collaboration across boundaries (value chain)
‎9. Resources availability and optimization by ensuring that Cost effective
resources are available for results delivery on a daily basis

‎10. Diverse succession pipeline planning and retention
Relationships
‎1. ICT-SS
Align and build the relationship with ICT functions to ensure proper
implementation of Cybersecurity technologies and practices within IT
environments across Ma'aden covering but not limited to: aligning the
Cybersecurity operations plans and objectives, implement Cybersecurity tools
and technologies on top of the ICT infrastructure and applications, develop
the incident response & recovery capability for ICT, collaborate with IT to
support security projects and ensure proper security controls are considered.
*


‎2. Cyber Security
Collaborate with the other cybersecurity functions to ensure adequate
planning and Aligning of Cybersecurity strategy and plans.


‎3. Internal / External Audit
Align with Internal / External Audits on the approved frameworks, policies
and procedures implemented in Cybersecurity for IT and OT, support the audit
functions in conducting continuous audits on the security controls implemented
in IT and OT and manage the closure of the reported audit observations.
Provide adequate responses and evidences to support the audit closures,
support Ma'aden Corporate and affiliates in the seven countries to address and
close any Cybersecurity related observations.


‎4 . Ma 'aden affiliates
Align and build the relationship with the several business functions in
Ma'aden to ensure proper implementation of Cybersecurity controls within in
the seven countries covering: aligning the Cybersecurity strategy, objectives
and business plan with the Affiliates business strategies, ensure
Cybersecurity framework and policies embedded part of the Affiliates models,
conduct periodical risk assessment on operational processes and OT
infrastructure and confirm the level of compliance against the Cybersecurity
controls, support OT projects by reviewing security architecture and ensure
proper security controls are considered.


‎5. Operational Technology (OT) and Industrial Control Systems (ICS)
Stakeholders in Ma'aden

Support and provide the OT and ICS functions in across Ma'aden with required
guidelines, policies, procedures, security architecture and controls. conduct
periodical risk assessments to confirm the level of maturity and compliance of
OT security controls.


‎6. Security Service providers
Select and work with the potential security vendors that can provide
required consultancy services. Support and maintain strong relationship with
the vendors to ensure sustainable and efficient support level.


‎7. Business Continuity and Crisis Management
Primary liaison between key stakeholders of MA 'ADEN's BC plan e.g. Senior
Management, Directors and Managers, Staff, Consultants, vendors and auditors
in the seven countries


‎8. Government Authorities
Align and build strong relationship with relevant Government authorities in
Saudi Arabia, India, Malawi, Zimbabwe, Mozambique, South Africa and Mauritius
(i.e. National Cybersecurity Authority in Saudi Arabia) to ensure proper
adherence and compliance to mandates and regulations as well as report and
escalate any Cyber threats targetting Ma'aden Corporate and affilaites where
ever applicable and work with the authorities to secure the company and
recover the impacts.

‎1. Fully understand customer and supplier needs and ensure
Customer/partner service level agreements

‎2. Build effective working relationship with managers, peers, team members,
customers and suppliers

‎3. Liaison with service and support functions/upstream - downstream
interface management

‎4. Ensure knowledge transfer within own area of responsibility
‎5. Build effective networks (internal and external) to the benefit of the
team

‎6. Use opportunities and appropriate communication tools to effectively
communicate information to the team

‎5. COMPETENCIES:
Technical/Functional
‎1. Cyber Security Risk Management
‎2. Enterprise Architecture
‎3. IT/Solution Architecture
‎4. Security Architecture Controls Implementation
‎5. Cloud Security
‎6. Product / Vendor Security Certifications
‎7. Security Tecnologies
‎8. Project Management
‎9. Presentation Skills
Leadership
‎1. Leadership
‎2. Teamwork
‎3. Integrity
‎4. Care
‎5. Ownership
‎6. Accountability
‎7. Communication
‎8. Time Management, Planning and Organization
Safety
* Safety advocate - anywhere and everywhere
* Expert knowledge and application of HSE rules and procedures
* Advanced knowledge of applicable HSE legislation and regulations and its practical implications
* Concern for employees' wellbeing
* Ability to foster a safety culture
* Drive and facilitate Ma'aden Safety Culture Transformation Program

ملخص الوظيفة

  • المُعلن : Ma’aden
  • تاريخ الإعلان : 08/11/2022
  • نوع العمل : -
  • مستوى الخبرة : -
  • المستوى التعليمي : -
  • مكان العمل : الرياض
  • الراتب : -
  • الهاتف : -

وظائف أخرى مثل هذه الوظيفة

الرياض
01/05/2022

Where applicable, confirmation that you meet customer requirements for facility access which may include proof of vaccination and/or attestation and testing, unless an accommodation has been approved. **Secure our Nation, Ignite your Future** Become an integral part of a diverse team while working …

الرياض
21/06/2023

Challenging Today. Reinventing Tomorrow. _We're invested in you and your success. Everything we do is more than just a project. It's our challenge as human beings, too. That's why we bring a thoughtful and collaborative approach to every one of our partnerships._ _At Jacobs, we challenge the status…

الرياض
14/10/2023

Req ID:437456 At Alstom, we understand transport networks and what moves people. From high- speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day,…

الرياض, منطقة الرياض
23/06/2022

• تطبيق سياسات الامن السيبراني لتحقيق أهداف النظام الأمني • ربط بيانات الحوادث السيبرانيه لتحديد نقاط الضعف • تحليل الملفات من المصادر المتعددة لتحديد التهديدات المحتملة لأمن الشبكة • تحليل اتجاهات الدفاع السيبراني والإبلاغ عنها للجهات المعنية • تقييم ومراقبة تطبيق الشركة لنظام الأمن السيبر…

القاهرة
14/03/2023

**Apply now** **Return to job search** ### **Description** At PwC, we measure success by our ability to create the value that our clients and our people are looking for. Our reputation lies in building lasting relationships with our clients and a focus on delivering value in all we do. We 're a net…

الرياض
05/08/2022

Responsible for identifying, prioritize and respond to cybersecurity risks for the organization to protect its information assets and technology in accordance with the organization's policies and procedures, as well as relevant laws and regulations of National Cybersecurity Authority and other rela…

الرياض
06/12/2022

**About this opportunity!** We are looking for a Telecom Cyber Security Officer to provide support and advice regarding network security and security risk management within a defined operational scope in line with customer security policies. Establish and execute unit security plans for the unit…

دبي
05/07/2023

## **DESCRIPTION** Operating in the UAE for over 50 years, CBD manages the financial requirements of some of the largest corporates and businesses operating in the country, driving the UAE economy. Over the years, CBD has transformed into a progressive and modern banking institution winning multipl…

دبي
19/07/2023

Job Purpose: Customer Support Manager-Cyber Security Plan, develop, and manage the customer management activities to ensure support and deployment all services in the assigned customer area whilst ensuring services are delivered to a high level of customer service. The Customer Support Manager (CSM…

الدمام, المنطقة الشرقية
15/12/2023

Job profile: The Security Operations Manager provides security services for designated sites in the country/ region. You are responsible for delivering effective and efficient physical security operations and security programs that protect the client's critical infrastructure. You ensure that you…

Language: English