Information Security Operation Manager Full-time Job

Role Details – Key Responsibilities and Accountabilities:

The Information Security Operations Manager’s job is composed of a variety of responsibilities, including tactical, operational and strategic activities in support of the Information Security & Compliance strategy, programs and operations.

Security Incident and Operations Management

Act as the primary incident manager for all security related incidents and lead incident response efforts, ensuring swift identification, containment, and resolution of security incidents.

Ensure that all operational documents and materials (i.e. SOPs, playbooks) are developed, implemented, regularly reviewed and updated, and followed in liaison with technology stakeholders.

Be available 24x7 to respond to high priority security incidents, provide leadership and direction during a crises situation.

Work closely with MSSP and internal stakeholders to ensure the effectiveness of SIEM, use case optimization, consistency and coverage of the critical platform monitoring under SOC, and timely closure of the security incidents.

Develop and maintain incident response plans and ensure they are regularly tested and updated.

Day-to-day management of the Information security operations by working closely with cross functional and managed service provider teams.

Provide specialized security support for events such as fraud attempts based on electronic channels and assist in the investigation activities and senior management reporting.

Operate and manage day-to-day administration tasks for security solutions and tools, ensuring that systems are up-to-date with latest versions, security patches and fixes and conduct periodic health checks across the security platforms and tools.

Develop necessary processes and templates to streamline security operations and smooth onboarding of new systems and applications to SOC and other security tools.

Provide training and guidance to technology operations teams on security requirements, tools and impacts to operational processes procedures, technologies, and information assets.

Security Testing / DevSecOps

Define the approach, guidelines and use cases for static and dynamic application security testing. Continuously improve security testing methods, tools and approaches.

Conduct / manage security penetration testing during new projects, major feature enhancement or change as per defined security testing guidelines.

Ensure that any bugs identified during testing are fixed in a timely manner and any risks identified during the process are communicated and managed effectively.

Integrate security testing into the software development lifecycle (DevSecOps) in collaboration with development and operations teams.

Implement consistent DevSecOps best practices. Keep alignment with DevOps teams to ensure any changes in their platforms/ processes are kept abreast with security testing guidelines.

Identify opportunities for innovation and automation, partner with development and security teams on implementing automation and SOAR workflows.

Threat and Vulnerability Management

Lead and own vulnerability management covering the end-to-end lifecycle (vulnerability identification, investigation, response, and remediation). Develop and maintain vulnerability management process, and SLAs for remediation and reporting metrics.

Evaluate security vulnerabilities, assess risk and impact, develop mitigation strategies, and support the remediation activities.

Develop, maintain and support a threat intelligence capability. Analyze threats, review threat advisories and conduct situational awareness based on intelligence to manage current and emerging security risks to the organization.

Research, analyze and brief management and team members on relevant risk, CVE's, CVSS, attack vectors and mitigations for various technologies

Design, architect and build vulnerability management scanning infrastructure and tools.

Own, maintain and implement vulnerability management processes and procedures.

Founded in 1992, Majid Al Futtaim is the leading shopping mall, communities, retail and leisure pioneer across the Middle East, Africa and Asia.
A remarkable business success story, Majid Al Futtaim started from one mans vision to transform the face of shopping, entertainment and leisure to create great moments for everyone, every day. It has since grown into one of the United Arab Emirates most respected and successful businesses spanning 15 international markets, employing more than 43,000 people, and obtaining the highest credit rating (BBB) among privately-held corporates in the region.
Majid Al Futtaim owns and operates 25 shopping malls, 13 hotels and four mixed-use communities, with further developments underway in the region. The shopping malls portfolio includes Mall of the Emirates, Mall of Egypt, City Centre malls, My City Centre neighbourhood centres, and four community malls which are in joint venture with the Government of Sharjah. The Company is the exclusive franchisee for Carrefour in 37 markets across the Middle East, Africa and Asia, and operates a portfolio of more than 270 outlets in 15 countries.
Majid Al Futtaim operates more than 400 VOX Cinemas screens and 36 Magic Planet family entertainment centres across the region. In addition to iconic leisure and entertainment facilities such as Ski Dubai, Orbi Dubai and Ski Egypt, among others. The Company is parent to the consumer finance company 'Najm', and a Fashion and Home retail business representing international brands such as Abercrombie & Fitch, AllSaints, lululemon athletica, Crate & Barrel and Maisons du Monde. In addition, Majid Al Futtaim operates Enova, a facility and energy management company, through a joint venture operation with Veolia, a global leader in optimised environment resource management. The Company also owns the rights to The LEGO Store and American Girl in the Middle East and operates in the food and beverage industry through a partnership with Gourmet Gulf.