Security Operations Center and Incident Response Manager
PwC
Makati
6h ago

Specialism

Cybersecurity & Privacy

Manager

Job Description & Summary

A career in our Risk and Compliance Management practice, within Cybersecurity and Privacy services, will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth.

As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers.

You’ll play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats.

Our team helps organisations transform their governance, risk, and compliance activities into a tool that is able to anticipate and mitigate risk to drive business performance.

In joining, you’ll develop risk management solutions, compliance and ethics controls, business continuity planning, internal audit procedures, and a compliance framework.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be a purpose-led and values-driven leader at every level.

To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a Manager, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution.

PwC Professional skills and responsibilities for this management level include but are not limited to :

  • Develop new skills outside of comfort zone.
  • Act to resolve issues which prevent the team working effectively.
  • Coach others, recognise their strengths, and encourage them to take ownership of their personal development.
  • Analyse complex ideas or proposals and build a range of meaningful recommendations.
  • Use multiple sources of information including broader stakeholder views to develop solutions and recommendations.
  • Address sub-standard work or work that does not meet firm's / client's expectations.
  • Use data and insights to inform conclusions and support decision-making.
  • Develop a point of view on key global trends, and how they impact clients.
  • Manage a variety of viewpoints to build consensus and create positive outcomes for all parties.
  • Simplify complex messages, highlighting and summarising key points.
  • Uphold the firm's code of ethics and business conduct.
  • Roles & Responsibilities

    Lead and manage Organisation’s Security Operations Center (SOC).

    Responsible for incident identification, assessment, quantification, reporting, communication, mitigation and monitoring

    Responsible for compliance to SLA, process adherence and process optimization to achieve the SOC’s operational objectives

    Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Center

    Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring

    Responsible for integration of standard and non-standard logs into SIEM

    Creation of reports, dashboards, metrics for SOC operations and presentation to Executive Management and Cyber and Information security or Risk Management committees

    Develop and maintain an incident response program / plan consistent with incident response management processes and standards.

    Implement monitoring tools in the cloud

    Work with other SOC analysts to create security-related rules to provide alerts on any suspicious activities

    Conduct periodic threat simulation activities to evaluate the adequacy of deployed detective controls

    Establish and maintain a database of detected and reported information security incidents

    Provide support for forensic investigations related to Information security incidents and develop and share security event logging requirements with infrastructure and applications teams

    Liaise with stakeholders for timely isolation, containment and remediation of Indicators of Compromise (IOCs) related to validated threat intelligence information

    Requirements

    A minimum of a degree in Computer Science / Engineering, Information

    Technology, Electrical Engineering or a related field of study from a recognised Professional Certification such as CISSP, CISM, CEH or GCIH will be an added advantage

    A Second degree is an added advantage

    Minimum of Five (5) years of relevant IT work experience which may include Information Security, IT Infrastructure Management, IT Vendor Assessment and over two (2) years in a managerial role.

    Report this job
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form