POSITION DESCRIPTION
Reporting to the Head of the IT Security Department, the IT Security Operation (SOC) Manager will be responsible for providing enterprise-wide event identification, triage, and remediation. The security analyst shall determine whether a security event will be classified as an incident. They will coordinate with the customer's IT and Security teams to resolve the security incident.
DUTY & RESPONSIBILITY
- Responsible for security incidents and investigations and leading SOC operations.
- Identify, evaluate, develop, and report SOC-related metrics via dashboard and/or reports.
- Lead investigations and response teams to assist in containing and remediating incidents.
- Develop, lead, and present relevant cybersecurity tabletop exercises to SOC staff and relevant stakeholder groups for the purpose of identifying process improvement opportunities.
- Define protocols and mature 'playbooks' for operational response to cyber threats.
- Cross-functional team coordination, communication, and reporting.
- Responsible for post-incident reports, dashboards, and documentation.
- Experience in vendor management.
- Ensure compliance with SLA, process adherence, and process improvisation.
- Define and maintain the security operation & monitoring strategy aligned with organizational objectives.
- Ensure the operation and management effectiveness of the SIEM platform.
- Ensure the effectiveness of deliverables from SOC-managed service vendors.
- Coordinate security incident management and response plans & activities.
- Report security operation center (SOC) posture and major incidents to senior leadership.
- Manage the effectiveness of automated alerts, reporting, and improvement.
- Ensure SOC operations meet regulatory and organizational standards (e.g., TCRMG and ISO 18788).
- Oversee and manage the annual red teaming exercise and simulation.
- Provide annual budget estimations for tools and platforms if needed.
- Offer guidance to teams on handling task-related challenges.
- Oversee team competency, development, and training.
- Manage and measure the KPIs among team members, and provide them with the necessary support and feedback.
- Carry out additional tasks as delegated by the Line Manager in alignment with departmental priorities and organizational objectives.
- Excellent communication and leadership skills for team management, leading operations management, and SOC monitoring.
- Performs other duties as assigned.
QUALIFICATION
- University graduate, preferably with a major in Computer Science-related subjects or equivalent; OR
- 3+ years of experience in an IT application security role;
- Experience with Security Information Event Management (SIEM) tools, creating advanced correlation rules, administration of SIEM, system hardening, and Vulnerability Assessments;
- Knowledge and hands-on experience with LogRhythm, QRadar, ArcSight, McAfee ePO, Exabeam or any SIEM tool;
- Advanced ability to coordinate responses to application security breaches and threats. Outstanding leadership, organizational, and time management skills;
- Outstanding verbal and written communication skills (English and Khmer); strong people skills;
- Formal certification, such as CND, CySA+, CISA, SIEM Product Certified System Administrator, etc., would be an advantage, as would knowledge and experience of IT security;
- Self-motivated, with good problem-solving skills.
How to apply
Interested and qualified applicants should submit their updated cover letter and CV, stating the position applied for, with a current photo (4x6) to hr@canadiabank.com.kh

