Senior IT Security Operations Officer

Role: Senior IT Security Operations Officer

Location: Abu Dhabi

Role Purpose:

• Manage and Maintain Security devices, Tools / Products implemented at ADIB for day-to-day tasks
• Implement security policies, protocols and procedures
• Regular monitoring of Security Logs and Events for IT Security devices to review security events and alerts and proactively detect actual or potential attacks to ADIB network
• Provide administrative, organizational, and technical support that assists the Manager – IT SECURITY OPERATIONS to accomplish department tasks and act as the backup in the Manager's absence
• Incident response: Respond to attack attempts & contain incidents
• Follow the security hardening baselines / guidelines and generate reports as required
• On call-availability for critical alert(s) / issue(s) reported by ADIB Command Center after working-hours, weekends and public holidays and proper escalation to Manager - IT SECURITY OPERATIONS
• Ensure compliance to published policies and procedures defined by ITD Governance, GISD etc., by performing according to what has been documented
• Ensure accurate and timely status reporting and other related documentation to management
• Ensure satisfactory department audit with no high risk finding on department. Any finding to be resolved within agreed time (with Audit and Management)

Key Accountabilities of the role:

IT Security Operations Unit (20%)

• Assist IT SECURITY OPERATIONS Manager in formulating tasks list for IT SECURITY OPERATIONS Unit in a manner that tasks are aligned with overall IT Division goals
• Prepare Management Dashboards and reporting
• Attend all the team meetings, one to one meeting to have a high level of communication culture.
• Timely response to email, tasks assigned and effective follow up with various stakeholders.
• Ensure team provides excellent support, which leads to user's satisfaction.

IT Security and Device Management (30%)

• Manage, maintain, and monitor Security Devices, Security Tools and Products implemented at ADIB
• Ensure security of all ADIB public services hosted in the DMZ
• Security configuration of perimeter devices according to the Best-Practices and vendor guidelines
• Manage security device configuration change(s) as per ADIB standard Change Management Process
• Perform security device health checks as per approved checklist(s)
• Updating security devices with latest stable software and signature releases
• Security configuration of perimeter devices according to the Best-Practices and vendor guidelines
• Troubleshoot technical issues related to Security
• Participate in POCs in coordination with Security Projects delivery Team to evaluate and to provide a feedback for selection of the best suitable Security Solution for ADIB IT Security requirements.

Security Events Monitoring, Incident Response & Support (10%)

• Security Event Monitoring and Logging: Ensure that required logs from security devices and tools are configured to forward to SIEM.
• 24/7 Stay on-call for Command Center, SOC and initiate response in case of any Security Incident
• Incident Support: Provide Level 2 & 3 support for any security incident reported by Command Center/SOC and escalate as per escalation procedures / guidelines

Global Expansion (10%)

• To fulfill the IT Security requirements for International expansion as conducted by ADIB Management.
• Ensure availability of security services for international branches and provide BAU security operations support.

Information Security (10%)

• Maintain information security related to ADIB, throughout the period of employment
• As soon as possible, report any potential or actual risks or incidents affecting the security of information to the ITD Service Desk and to your Line Manager.

Documentation / Process Ownership (10%)

• The incumbent is responsible to take ownership, maintain & update documented processes and / or documentation related to his job function
• In the event where processes or documentation are shared, the incumbent shall coordinate with the owner of document about required changes or improvements
• People & Attendance (10%)
• Co-operate with the team members in a cohesive and professional manner and proactive good attendance habits and maintain the reporting hierarchy in all matters.
• The incumbent should adhere to working hours which might require working for extended hours depending on job nature and task assigned.

Specialist Skills / Technical Knowledge, Technical Competencies Required for this role:

• Graduate in any field related to Information Technology / Computer Science.
• Certification: Microsoft Azure Security/Architecture, Firewall, IPS, Email Gateways, WAF and/or other Security Certifications
• Good knowledge of IT systems configuration and log analysis
• Strong understanding of general security and networking concepts in corporate network environments
• Strong understanding of well-known security technologies
• Demonstrates a range of effective technical problem-solving techniques
• Strong understanding of Cloud Security Posture management, ability to review and take actions
• Good understand of DevSecOps methodologies
• Good understanding of Cloud native Security including Security in distributed Microservices architecture
• Knowledge of Information Security systems, methodologies, and best practices.
• Possess team building skills and must efficiently work with various stakeholders

Previous experience:

• Total Number of Years: Minimum 10 Years IT Environment (Network Security & Cloud Security)
• Minimum 8 years' experience in similar banking or IT Organizations
• Bachelor's degree in computer science, information systems, business administration, related field, or equivalent work experience