Associate Director, Security Operations

Audax Financial Technology Pte. Ltd. - Singapore
new offer (29/06/2024)

job description

We are looking for a highly talented professional to join our Information & Cyber Security (ICS) practice. The candidate must be comfortable working on ICS at both the abstract and detailed levels, and will be someone with a strong background in ICS operations management.




Responsibilities:


1. Firewall, Network Proxy, and EDR Management:


  • Firewall Management:
    Oversee the configuration, maintenance, and monitoring of firewall systems to enforce security policies and control network traffic effectively.
  • Network Proxy Management:
    Manage proxy servers to secure internet traffic, optimize performance, and troubleshoot issues as needed.
  • Endpoint Detection and Response (EDR) Management:
    Manage EDR tools across endpoints, configure policies for threat detection and response, and analyze endpoint data for security anomalies.


2. Threat Detection and Content Creation:


  • Write and refine rules, signatures, and queries to detect security threats effectively.
  • Develop and update security detection content for SIEM (Security Information and Event Management) systems.


3. Vulnerability and Threat Management:


  • Manage vulnerability assessment and remediation programs, prioritizing and mitigating security vulnerabilities.
  • Coordinate with technology operations teams to apply patches and updates to systems and applications.
  • Monitor and respond to emerging threats, implementing proactive measures to protect systems and data.


4. Incident Response:


  • Perform security monitoring and triaging for potential threats and SIEM alerts.
  • Develop and maintain incident response plans and procedures, coordinating responses during security incidents or breaches.
  • Lead incident response teams, ensuring timely resolution and post-incident analysis to prevent future occurrences.


5. Access Review and Security Exceptions:


  • Establish and maintain access review processes to ensure appropriate access rights and permissions.
  • Manage and review user requests for security exceptions, balancing business needs with security requirements.
  • Implement controls and monitor activities to detect unauthorized access attempts and policy violations.


6. Collaboration with Engineering Teams:


  • Work closely with engineering teams to integrate security best practices into the development lifecycle.
  • Conduct security reviews of infrastructure, applications, and new technologies, providing recommendations for security enhancements.
  • Collaborate on the design and implementation of secure architecture and solutions.


7. Service Management:


  • Provide oversight of security service delivery, ensuring SLAs (Service Level Agreements) are met.
  • Manage relationships with security service providers and vendors, evaluating services and negotiating contracts.


8. Compliance and Reporting:


  • Ensure compliance with relevant security standards, regulations, and best practices.
  • Generate regular reports on security metrics, incidents, vulnerabilities, and operational status.
  • Participate in audits and assessments related to security operations.


9. Audit Management:


  • Manage and coordinate security audits conducted internally or by external auditors.
  • Prepare audit responses and action plans, implementing corrective measures and tracking progress.


Qualifications for the role:


  • Proven experience in a security operations role with hands-on experience in firewall management, network proxy, EDR, incident response, and threat detection.
  • Strong understanding of security principles, protocols, and technologies.
  • Experience with access control, vulnerability management, audit management, and compliance frameworks (e.g., PCI-DSS, GDPR).
  • Excellent communication skills and ability to collaborate effectively across teams and stakeholders.
  • Bachelor’s degree in Computer Science, Information Technology, or related field;
    advanced degree or certifications (e.g., CISSP, CISM) preferred.


What you need to be successful in this role:


  • 5-10 years of relevant ICS experience in security operations / management.
  • At least 2 years managing a security operations team.
  • Strong acumen in setting up risk frameworks, policies, standards, baselines and procedures.
  • Good hands-on experience reviewing cloud, application, information and cyber security.
  • Good understanding of technology (e.g., cloud and containers) and Agile development concepts.
  • Ability to explain theoretical concepts to team members with varying ICS backgrounds.
  • Good knowledge of retail banking products and processes with a focus on digital products, functions, features and processes.
  • Good understanding of industry trends and developments including impact on the business.
  • People leader
