Endpoint Security Operations Team Leader

Job description / Role

Role purpose

Manage and maintain security devices, tools/products implemented at ADIB for day-to-day tasks. Regular monitoring of security logs and events for IT security devices to review security events and alerts and proactively detect actual or potential attacks to ADIB network.

Provide administrative, organizational and technical support that assists the Manager - IT Security Operations to accomplish department tasks and act as the backup in the manager's absence.

Follow the security hardening baselines/guidelines and generate compliance reports.

On call availability for critical alerts/issues reported by ADIB Command Center after working hours, weekends and public holidays and proper escalation to Manager IT Security Operations.

Optimize, automate and streamline services provided by IT Security Operations.

Ensure compliance to published policies and procedures such as PMO, ITIL processes, ISO 9001 & 27001 by performing according to what has been documented.

Ensure accurate and timely submission of required documentation and status reporting to management.

Ensure compliance to ADIB processes (HR, Legal & Sharia) related to ITD.

Ensure satisfactory department audit with no high risk findings on department. Any finding to be resolved within agreed time with audit and management.

Key accountabilities of the role

IT Security Admin Unit (20%)

• Assist IT Security Operations Manager in formulating tasks list for IT Security Operations Unit in a manner that tasks are aligned with overall IT Division goals.
• Provide administrative, organizational and required support to accomplish department deliverables and tasks.
• Backup role in IT Security Operations related tasks in case of IT Security Operations Manager's absence.
• Prepare management dashboards and reporting.
• Ensure team provides excellent support, which leads to user satisfaction.

IT Security and Device Management (40%)

• Monitor and manage security devices and tools that are implemented within ADIB.
• Troubleshoot technical issues related to security.
• Perform security device health checks as per approved checklist(s).
• Manage security device configuration changes as per ADIB standard change management process.
• Update security devices with latest stable software and signature releases (upon schedule of CSA).
• Ensure security of all ADIB public services hosted in the DMZ.
• Security configuration of perimeter devices according to best practices and vendor guidelines.
• Global traffic management and internet bandwidth management.
• Ensure ADIB user PCs are secured against malware attack, confidential data loss and identity theft.
• Proactively monitor against any vulnerability in the system, device control usage and whole disk encryption for mobile laptops.
• Manage Single Sign On profile for users.
• Participate in POCs in coordination with CSA (Compliance and Security Architecture) and GRM (Governance and Risk Management) sections to evaluate and provide feedback and test reports for selection of the best suitable security solution for ADIB IT security requirements.

Security Event Monitoring, Incident Response & Support (10%)

• Antivirus and Data Leakage Prevention Management: server-side monitoring 24/7.
• Stay on call for Command Center escalations/alerts and initiate response in case of any security incident.
• Generate reports and alerts for related platforms for review, configuration fine tuning and improvement purposes.
• Incident response: earliest possible detection of information security incidents, incident containment and resolution.
• Incident support: provide level 2 support for any security incident reported by Command Center, or escalate CSA level 3 personnel for critical high impact incidents as needed.
• Resolve and analyze security incidents with the help of the ADIB Service Desk and concerned department as per escalation procedures.

Global Expansion (10%)

To fulfill the IT security requirements for international expansion as conducted by ADIB management.

Information Security (10%)

Maintain information security related to ADIB throughout the period of employment.

Report as soon as possible any potential or actual risks or incidents affecting the security of information to the ITD Service Desk.

Documentation / Process Ownership (10%)

The incumbent is responsible to take ownership, maintain and update documented processes and/or documentation related to his job function.

In the event where processes or documentation are shared, the incumbent shall coordinate with the owner of the document about required changes or improvements.

Specialist skills / technical knowledge, technical competencies required for this role

• Professional certification: CISSP, CCNA, McAfee/TrendMicro Antivirus, other security certifications.
• Must have led the team in endpoint security management.
• Knowledge of information security systems, methodologies and best practices.
• Knowledge of security frameworks such as ISO/IEC 17799-27001, COBIT, etc.
• Strong understanding of general security and networking concepts and experience applying same in corporate network environments.
• Self-learner with a passion for IT security and adaptable to changing requirements.
• Ability to troubleshoot incidents until root cause resolutions.
• Good leadership, team building and mentoring skills.
• Good budgeting and project management skills.

Previous experience

• Minimum 8 years' experience in an IT environment (systems and/or endpoint/networks security).
• Total number of years: minimum 10.