Synopsis
As part of the Security Operations team, this role is the Etihad subject matter expert, responsible for specific operations security services defined as part of the security operations service catalogue. The Security Operations Manager manages the technical delivery of supplier provided Security Operations services to agreed service level standards. The role oversees the day-to-day information security operations, including monitoring, analysis, detection and escalation of Information security risks and threats.
Accountabilities
- Manage the technical delivery of security services by the managed security services providers.:
- Serve as the key point of contact for information security operational requests.
- Review supplier provided reports and ensure adherence to agreed SLAs.
Accountabilities
Ensure effectiveness of security services provided by the managed services provider for detection, prevention, protection and remediation of security incidents. Work as part of the incident response team on a 24x7x365 rota, with responsibility for all security related incidents (P1-P4). Ensure the enforcement of information security controls to Etihad security standards, policies and regulatory requirements by the managed services provider. Provide support for information security investigation requests. Report status of information security situational awareness as requested.
Ensure that the service provider applies security policies, requirements and controls to all supported platforms. Manage security services providers, to define and document security procedures and configurations. Internal stakeholder management, providing information up to Head of Cybersecurity and Head of Technical Systems on escalations and resolution progress; respond to stakeholder queries on information security operations. External stakeholder management, account Managers of managed service providers and suppliers and delivery personnel of managed service providers and suppliers.
Education & Experience
- Deep knowledge and experience of endpoint detection and response (CrowdStrike preferred)
- A minimum of 5 years of experience in Cybersecurity. CISSP certification
- Knowledge of and experience with Information Security operations tools
- Understanding of ISO27001 and NIST and UAE Govt Cybersecurity standards, international and local regulations pertaining to Information Security and data privacy.
- Proficiency in industry standard Service Management Operations principles: Incident Management, Vulnerability Management, Change Management etc.
- Ability to manage execution of projects by security services providers and internal teams
- Very good written and oral communication skills required
- Graduate degree in Computer Science, Management Information Systems or equivalent
- Post-graduation (Information Technology or Computer Science preferred) nice to have
- Industry and domain certifications such as Certified Information Systems Security Professional (CISSP) , Global Information Security Assurance Professional (GIAC) , Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC) or equivalent
About Etihad Airways
Etihad Airways, the national airline of the UAE, was formed in 2003 and quickly went on to become one of the world’s leading airlines. From its home in Abu Dhabi, Etihad flies to passenger and cargo destinations in the Middle East, Africa, Europe, Asia, Australia and North America. Together with Etihad’s codeshare partners, Etihad’s network offers access to hundreds of international destinations. In recent years, Etihad has received numerous awards for its superior service and products, cargo offering, loyalty programme and more. All this ties into Etihad’s ambitious Journey 2030 strategy. The airline plans to double its fleet size and triple the number of customers over the next six years as it sets out to be the airline everyone wants to fly!
To learn more, visit etihad.com
