Section Head, Cyber Security Operation Center
Brief About Department:
Lead a 24x7 team of security experts in day-to-day SOC operations. Oversee technical delivery, assessing and continually improving output and ensuring processes are developed and adhered to in order to drive operational excellence. Provide administrative direction and support for daily operational activities. Benchmark, analyze, report on, and make recommendations for the improvement and growth of the SOC infrastructure and systems. Develop and mentor staff through open communication, training and development opportunities, and performance management processes. Build and develop the SOC processes, policies, and procedures. Ensure security detection, response, and recovery procedures are up-to-date, maintained, and followed.
Duties & Responsibilities:
- Manage the Security Operations Center (SOC) team and coordinate with relevant organizations and parties to ensure monitoring compliance and smooth incident response.
- Lead staff to proactively identify, prevent and respond to security incidents.
- Measure SOC performance metrics and communicate the value of security operations to business leaders.
- Coordinate internal and external training and exercises to ensure SOC team proficiency.
- Monitor the SOC related systems to ensure the highest level of performance.
- Manage team schedules to ensure coverage
- Analyze security indicators of compromise, analyze alert data, and take appropriate incident response actions
- Create, design, and implement improvements to the security operations program
- Work with security engineering, infrastructure security, and security architecture to operationalize newly installed security tools
- Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in security operations
- Maintain and deploy security sensors and tools relevant to job
- Lead the threat response and management of security incidents
- Coordinate, follow up and escalate complex or major incidents with SOC team.
- Manage team efforts to monitor for security events and provide first and final escalation analysis.
- Utilize technical security assessments and cyber threat intelligence to validate security events and perform advanced analysis.
- Summarize events/incidents effectively to different audiences, including management and technical staff.
- Conduct after-action reviews to identify lessons learned and best practices.
- Develop SOC related security policies and procedures (Run Book, Incident Management Plans, etc.).
- Document, develop and improve the operational guidelines.
- Develop, produce and review KPIs to monitor SOC operations effectiveness and efficiency.
- Play a significant role in long-term SOC strategy and planning, including initiatives geared toward Petro Rabigh’s operational excellence.
- Develop, support, and conduct in-house training sessions, individualized if needed, for Security Operations staff, to ensure appropriate development of skills and continued innovation as well as facilitating incident management team exercises and events
- Lead Petro Rabigh SOC security workshops with relevant organizations and units during on-boarding sessions.
- Assist with the development of project scopes and objectives
- Collaborate closely with the security architects and security specialists on technical delivery during new projects in order to set up security recommendations and have them implemented.
- Support audits and compliance reporting.
- Play an active role initiating and supporting continuous process and operational improvements
Minimum Requirements:
- Bachelor's degree in an IT major, Computer Science, Computer Engineering, or related.
- Minimum 12 years of relevant experience.
- Certified Information Systems Security Professional (CISSP). (optional)
- Certified Information Security Manager – CISM. (optional)
- Certification in Incident Handling (GCIH, GMON, etc.) (optional)
- Department: IS - Information Security
- Locations: Rabigh
About Petro Rabigh
Petro Rabigh produces the fuels and plastics essential to modern life. Our refined products are vital to the transport industry, while our petrochemicals are used in everything from food packaging, clothing and construction materials to medical supplies and computer parts. By adding value to the nation’s key resources we are attracting diverse new industries and creating jobs, enriching life for everyone by generating sustainable economic and social development.