Position: Incident Manager
Category: Security Operations Center
Ref. Code: INCIDENTMGR
Location: Riyadh, KSA
The Incident Response Manager (IRM) will be responsible for investigating security incidents and performing incident response activities according to the Client’s Incident Response Strategy. He will be engaged to the daily operations of the Client’s Security Operation Centerasked to validate escalated security events,liaise between technical and business teams to drive and support incident containment and response activities.He will coordinate with OBRELA’S Security Incident Response Teams, offsite and onsite andhe will conduct steering committee presentations on incidents detected, risk and impact analysis, response undertaken, and the statusof incident resolution.
The Incident Manager is responsible for/to:
- Engage with external agencies / regulatory bodies for incident response intelligence sharing/gathering.
- Monitor events, identify and analyse incidents.
- Record incidents and maintain the incident register.
- Report and escalate incidents as per communication protocol.
- Drive and support incident containment and response activities.
- Conduct incident investigations.
- Conduct forensic investigations and analysis where needed.
- Maintain chain of custody.
- Drive and support incident eradication and information system patching activities.
- Develop and communicate formal incident reports including incident source, impact analysis, and recommendations future mitigation.
- Maintain known incident and workaround solutions knowledge base.
Position requirements include:
- Bachelor’s degree or equivalent experience
- 3+ years’ experience in information security incident handling including security operations
- Experience with large scale and complex incidents of all types including DDOS, Spear Phishing,Advanced Persistent Threats, Malware, Website Defacement etc
- Demonstrated ability to perform independent analysis of complex incidents, and report after action with detailed evaluation of incident response, investigation efforts, and defensive security infrastructure implementations
- Demonstrated ability to develop standardized threat specific incident response procedures.
- Sound understanding of TCP/IP, networking protocols, hardware, architecture, popular Operating Systems and Databases
- Understanding of common attack methods and exploitation techniques, along with the detection and remediation strategies
- History of working under pressure and/or within various incident situations
- Excellent verbal and writing skills in both English and Arabic Language, ability to communicate complex issues in an easily-understood, authoritative, and actionable manner
Desired requirements include:
- Master Degree in Information Security
- Industry Certifications such as CISSP or GCFA
- Strong decision-making capabilities, with ability to weigh the costs and benefits of potential actions and decide the most appropriate
- Ability of fast learning, absorbing and applying new, job-related techniques. Keep abreast in IT new ideas and directions
What we Offer:
- Dynamic and respectful environment – our people are the core of our business, we value each and every individual and support initiatives, promoting agility and work/life balance.
- Continuous coaching – work with passionate people and receive both theoretical as well as hands-on training
- Career development. Expand your career internationally and work alongside knowledgeable people from diverse cultures and backgrounds
- A competitive compensation package dependent upon your experience and qualifications. We’re focused on rewarding efforts. Our salaries and benefits package will keep you motivated throughout your career
Qualified applicants can forward their CV quoting reference code(s) to: firstname.lastname@example.org
All applications will be held and treated with confidentiality.