Lead CyberSecurity Operations Specialist

Responsibilities: Oversee security incident triage, analysis, containment, eradication, recovery, and documentation. Manage, optimize, and maintain SOC technologies, including SIEM, SOAR, EDR, IDS/IPS, DLP, WAF, and threat‑intelligence tools. Develop and refine detection rules, correlation logic, dashboards, and automated playbooks to improve MTTD/MTTR. Conduct advanced threat hunting and support forensic investigations to identify emerging risks and undetected threats. Lead vulnerability assessments, remediation tracking, and risk‑based prioritisation across applications, infrastructure, and cloud. Coordinate and act as Incident Lead for major cyber incidents, ensuring proper escalation and regulatory‑aligned reporting. Maintain SOC runbooks, procedures, escalation workflows, and continuous process improvements. Evaluate and integrate new security technologies, ensuring seamless interoperability across all banking systems and cloud environments. Drive SOC maturity initiatives including automation, orchestration, and operational efficiency enhancements. Collaborate with IT, Risk, Compliance, Legal, and Product teams to strengthen end‑to‑end security posture. Prepare and present operational metrics, incident summaries, threat intelligence insights, and audit/compliance reports to management. Requirements: Bachelor’s degree in Computer Science or related field; a Master’s degree is an advantage. 7–10 years’ experience in Information Security with strong SOC, incident response, and threat intelligence exposure. 2–3 years in a technical leadership capacity, ideally within a 24/7 SOC. Certifications such as CISSP, CISM, ISO 27001, PCIDSS, or relevant cloud/network credentials. Strong experience with SIEM/SOAR/EDR, IPS/IDS, IAM, API security vulnerability tools, and security architecture. Familiarity with MITRE ATT&CK, NIST, PTES, and regulated environments (e.g., financial services). Proficiency in log analysis, scripting (Python/PowerShell), and automation. Experience with vulnerability scanning and assessment tools. Familiarity with threat intelligence concepts and methodologies. Strong understanding of regulatory requirements and industry standards (e.g., ISO 27001, NIST, NDPA, PCI-DSS, etc.) with evidence of implementing and managing ISO 27001, PCIDSS, ISO 27032, etc. projects. Proven experience in a highly regulated industry, such as Financial Services.