Manager - Cybersecurity Intelligence

Manage the outsourced security operation center – SOC team, investigate their results, coordinate the intelligence, deliver security reports, and managing the threats with multiple stakeholders internal or external. Enhance the security monitoring capabilities and enable the SOC as a one of GRC monitoring tools. Managing the Incidents Responses

• Document and escalate incidents that may cause immediate or ongoing impact.
• Analyze network alerts from multiple sources to determine possible causes.
• Analyze malicious activity to determine vulnerabilities exploited, exploitation methods and effects on system and information
• Determine Tactics, Techniques, and Procedures (TTP) for intrusion sets.
• Build and operate the cybersecurity incidents classification criteria.
• Examine network topologies to understand data flows through the network.
• Use metadata to identify and analyze anomalies in network traffic.
• Identify indications and warnings through research, analysis and correlation across multiple data sets.
• Use packet analysis tools to validate intrusion detection system alerts.
• Use network traffic to identify a network device's applications and operating systems.
• Use network traffic to reconstruct malicious activity.
• Identify network mapping and operating system fingerprinting activities.
• Assist in the construction of signatures for implementation on cybersecurity network tools to respond to new or observed threats within the environment.
• Report suspected cyber incidents in line with the organization's cyber incident response plan.
• Analyze and report on trends in the systems' security posture.

• Coordinate with other cyber defense staff to validate network alerts.

• Uses data collected from cyber defense tools to analyze events that occur within their organization to detect and mitigate cyber threats.

• Develops, tests and maintains systems’ security. Analyzes security of operations and integrated systems
• Investigates, analyzes and responds to cybersecurity incidents

• Certified CISP, CISM, CISO, ISO27k1, CCNA, MCSE or any related.
• Project management capabilities.
• Critical Thinking skills.