Security Operations Lead

Job Summary

Core responsibilities will be to drive and manage people, process, and technology controls to protect the College’s information systems, information assets, infrastructure, and networks from potential threats. The role will be critical in leading compliance and awareness activities, as well as managing security incidents and risk mitigation activities to drive the College’s information security strategy and roadmap.

This position reports to the IT Operations Manager.

Service Delivery

• Develop, drive, and manage controls to protect the College’s information assets.
• Lead compliance and awareness activities such as security awareness campaigns and training.
• Manage potential information security incidents and risk mitigation activities.
• Assess business impacts of current and emerging threats and recommend strategies to address them.
• Provide advice and hands-on operational support for security technologies including but not limited to managed services, perimeter defence, identity and access management, and creating scripts to automate processes for improved efficiency.
• Contribute to development of the Information Security Roadmap and drive capability maturity uplift through fit-for-purpose people, process, and technology controls.
• Develop and enforce information security policies, and standards to align with known frameworks and best practice.
• Maintain and enhance security standards, and lead compliance programs to continually improve operational systems and processes.
• Lead targeted awareness campaigns, training, and tabletop exercises for security awareness to mitigate risks and improve incident response maturity.
• Participate in governance meetings, contribute to the strategic and operational risk registers, oversee the implementation of mitigation controls and monitor their effectiveness by tracking changes in risk levels.
• Collaborate and communicate with internal and external stakeholders to design and implement fit-for-purpose security solutions.
• Perform forensic analysis of potential cyber security incidents.
• Test, verify and report on the effectiveness of security controls.
• Hardening technology platforms such as Microsoft Azure, Microsoft 365, firewalls, servers (physical or virtual), and networking equipment.
• Involvement in projects that require IT security expertise and input.
• Escalation point for IT Service Desk where information security expertise assistance is required.
• Provide guidance and support on new developments, upgrades, refreshes, and configurations of services ensuring security by design
• Monitor the organization's security infrastructure and systems and carry out proactive threat hunting to identify potential security risks
• Collaborate with managed security partners to detect and analyse security events and incidents and lead containment, eradication, and recovery activities. This includes determining impact and severity levels, escalating and notifying relevant parties as appropriate, and contributing to troubleshooting and resolution.
• Ensure that activities follows the appropriate methodology – e.g. change management, incident management, ITIL best practices.
• Manage delivery of all assigned technical project activities to ensure they are planned and tracked to completion.
• Manage the delivery of all root cause analysis reports for high severity information security incidents.
• Create and maintain information security documentation.
• Escalate and manage incident/request to external technology partners when required.

Technical

• Perform forensic analysis of potential cyber security incidents.
• Test, verify and report on the effectiveness of security controls.
• Hardening technology platforms such as Microsoft Azure, Microsoft 365, firewalls, servers (physical or virtual), and networking equipment.
• Involvement in projects that require IT security expertise and input.
• Escalation point for IT Service Desk where information security expertise assistance is required.
• Provide guidance and support on new developments, upgrades, refreshes, and configurations of services ensuring security by design
• Monitor the organization's security infrastructure and systems and carry out proactive threat hunting to identify potential security risks
• Collaborate with managed security partners to detect and analyse security events and incidents and lead containment, eradication, and recovery activities. This includes determining impact and severity levels, escalating and notifying relevant parties as appropriate, and contributing to troubleshooting and resolution.

Process

• Ensure that activities follows the appropriate methodology – e.g. change management, incident management, ITIL best practices.
• Manage delivery of all assigned technical project activities to ensure they are planned and tracked to completion.
• Manage the delivery of all root cause analysis reports for high severity information security incidents.
• Create and maintain information security documentation.
• Escalate and manage incident/request to external technology partners when required.

Requirements

Essential

• 3-5 years' experience within the cyber security field as Security Operations Team Lead.
• Demonstrated knowledge of cyber security standards, frameworks, and policies
• Proven experience in cyber security operations, managing security incidents and response, threat hunting, and conducting forensic investigations
• Strong knowledge of on-premise and cloud security technologies, infrastructure, capabilities and services, including endpoint security, operating system patching and hardening, vulnerability management, identity and access management, cloud security, email security, and SIEM solutions
• Strong knowledge across information and communication technologies
• Demonstrated experience as a Security Specialist/Consultant in an information security role
• Excellent written and verbal communication skills
• Excellent stakeholder engagement skills
• Relevant cyber security certifications
• Strong fundamental understanding of enterprise technologies and infrastructure including Networking, Servers & Storage, cloud platforms, and virtualisation.
• Good understanding of ITIL principles and methodologies.
• Methodical approach to problem solving with attention to detail.
• Team oriented, self-starter with a ‘can-do’ attitude and the ability to work flexibly as part of a dynamic and fast-paced organisation.
• Strong focus on stakeholder engagement and customer service.
• A willingness to take direction, manage multiple tasks of varying priority whilst always putting the customer first.
• Self-motivated and driven to learn and grow.
• Must be amendable for a hybrid setup (3x/week onsite. Early morning shift schedule. Physical OfficeL Mega Tower, Mandaluyong City.

Benefits

Standard Job Benefits:

• HMO on Day 1
• Paid Time-Off
• Quarterly Sick-Leave conversion
• Paid Government-Mandated Benefits
• Equipment provided

Standard Job Highlights:

• Career growth and development opportunities
• Stable organization and industry leader
• Collaborative and fruitful company culture