Lead CyberSecurity Operations Specialist

• Oversee security incident triage, analysis, containment, eradication, recovery, and documentation.
• Manage, optimize, and maintain SOC technologies, including SIEM, SOAR, EDR, IDS/IPS, DLP, WAF, and threat‑intelligence tools.
• Develop and refine detection rules, correlation logic, dashboards, and automated playbooks to improve MTTD/MTTR.
• Conduct advanced threat hunting and support forensic investigations to identify emerging risks and undetected threats.
• Lead vulnerability assessments, remediation tracking, and risk‑based prioritisation across applications, infrastructure, and cloud.
• Coordinate and act as Incident Lead for major cyber incidents, ensuring proper escalation and regulatory‑aligned reporting.
• Maintain SOC runbooks, procedures, escalation workflows, and continuous process improvements.
• Evaluate and integrate new security technologies, ensuring seamless interoperability across all banking systems and cloud environments.
• Drive SOC maturity initiatives including automation, orchestration, and operational efficiency enhancements.
• Collaborate with IT, Risk, Compliance, Legal, and Product teams to strengthen end‑to‑end security posture.
• Prepare and present operational metrics, incident summaries, threat intelligence insights, and audit/compliance reports to management.

Requirements:

• Bachelor’s degree in Computer Science or related field; a Master’s degree is an advantage.
• 7–10 years’ experience in Information Security with strong SOC, incident response, and threat intelligence exposure.
• 2–3 years in a technical leadership capacity, ideally within a 24/7 SOC.
• Certifications such as CISSP, CISM, ISO 27001, PCIDSS, or relevant cloud/network credentials.
• Strong experience with SIEM/SOAR/EDR, IPS/IDS, IAM, API security vulnerability tools, and security architecture.
• Familiarity with MITRE ATT&CK, NIST, PTES, and regulated environments (e.g., financial services).
• Proficiency in log analysis, scripting (Python/PowerShell), and automation.
• Experience with vulnerability scanning and assessment tools.
• Familiarity with threat intelligence concepts and methodologies.
• Strong understanding of regulatory requirements and industry standards (e.g., ISO 27001, NIST, NDPA, PCI-DSS, etc.) with evidence of implementing and managing ISO 27001, PCIDSS, ISO 27032, etc. projects.
• Proven experience in a highly regulated industry, such as Financial Services.

·