Senior SOC Specialist

Job Accountabilities:

Information Security Risk and Compliance

• Manage delivery of the third-party supplied outsourced Security Operations Centre (SOC) capability as well as the in-house resources to triage and manage alerts and tickets.
• Support the SOC Lead to manage the Security Incident response team, coordinating and driving the Incident recovery activities with internal and external parties.
• Identify and report any deviations in the defined SOC processes, with continuous improvements.
• Suggest new technologies and tactical processes that help to optimize or improve the SOC operations.
• Work with the vendor to integrate Threat Intelligence from our outsourced providers to better tune and inform our defense in depth.
• Conduct monthly and quarterly reviews of the performance of the service working with the Group CISO to explain and highlight risk issues, positive examples, and illustrative data points to the EXCO and BRTC.
• Develop, track and report KPIs and KRIs for the SOC and report risk posture as directed by Group CISO
• Represent information security during IT Incident Management calls and meetings, post-incident reviews, and support the ongoing refinement of Cyber Crisis Management plans
• Coordinate red team testing for all locations across Network International Group on behalf of the Group CISO
• Coordinate with Information Security teams to ensure that new tooling is integrated into a holistic Security operations Strategy, new projects have their IT assets onboarded to be monitored and change management teams are aware of the SOC requirements.
• Periodically review asset sheets to make sure all critical assets are sent to the SIEM solution.
• Review information security exceptions and highlight risks associated with the exception to relevant audiences to make sound risk-based decisions following NI risk management frameworks.
• Manage the delivery of information security projects related to SOC to meet the NI information security strategies and goals.
• Execute other tasks as required by the Head of Information Security Africa and Group