Senior Manager - Cyber Defense & Response

D360 Bank

Define minimum guidelines for detecting, tracking, and escalating security events, ensuring effective response protocols are in place.

Establish criteria for security events and define thresholds to enhance incident detection capabilities.

Oversee 24x7 Security Operations Center (SOC) activities to monitor for cyber threats using SIEM, EDR, NDR, and threat intelligence platforms.

Direct incident response efforts, conduct root cause analysis, and lead digital forensics investigations.

Coordinate containment, eradication, and recovery activities for cyber incidents.

Lead proactive threat hunting based on hypotheses and indicators of compromise (IOCs).

Lead a team of cybersecurity analysts, incident responders, and forensic investigators.

Mentor and train staff, enforce shift discipline, and ensure readiness of the team.

Brief executive leadership and external stakeholders, including regulators (e.g., SAMA, NCA), during and after incidents.

Provide comprehensive reporting on compliance monitoring to ensure adherence to security standards and regulations.

Recommend strategies for containment, remediation, and recovery following cyber-attacks to strengthen organizational resilience.

Utilize both internal and external resources to research threats, vulnerabilities, and threat intelligence regarding various adversaries and attack methodologies.

Guide and support to the cyber monitoring team during major security events, facilitating effective incident management.

Develop an intelligence-led framework to protect the organization globally against cyber risks, integrating threat intelligence into security practices.

Identify Indicators of Compromise (IoCs) and create signatures for detection, enhancing threat recognition capabilities.

Ensure integration and optimization of SIEM, SOAR, and threat intelligence platforms.

Ensure proper documentation and compliance reporting related to incidents.

Assist in audit and compliance efforts related to cybersecurity.

Develop and maintain a cyber incident response program, playbooks, and workflows.

Lead, mentor, and manage the Cyber Defense team (SOC analysts, incident responders, threat hunters).

Supervise the identification and selection of effective information sources to assist with incident investigations.

Coordinate with threat intelligence analysts to correlate threat assessment data and enhance situational awareness.

Utilizes deployable forensics toolkits to support operations.

Act as a technical expert in interactions with law enforcement, providing detailed incident and forensic analysis as required.

Monitor external data sources to stay informed about current cybersecurity threats and assess their potential impact on the organization

Demonstrate the ability to debug malware step-by-step to facilitate analysis and understanding of malicious behaviors

Perform any other duties assigned to by line manager related to the nature of the work

Enforce, incorporate, and comply with all necessary controls and related information security policies, procedures, practices, training, reporting, personal due diligence, and vigilance, within departmental/unit activities and operations.