Cybersecurity Operations Manager

Riyadh Air, Saudi Arabia’s new national airline is looking for global talent to build on our ambition to be the World’s most inspiring airline with an exceptional guest experience.

JOB ROLE 

The Cybersecurity Operations Manager position reports directly to the Head of Cybersecurity. This position is responsible for day-to-day operations across all security platforms and technologies. This position will also take up the administrative functions of the Head of the Cybersecurity organization, including cost and budget management. This position is also responsible for catering to all access management requests and changes. This role is also responsible for identifying, analyzing, monitoring, mitigating, and managing threats and vulnerabilities to IT systems and networks.

The Cybersecurity Operations Manager will use defensive measures and multi-source information to report events and respond to incidents. You will use monitoring and analysis tools to identify and analyze events and to detect incidents.

GENERAL ACTIVITIES

• Perform daily monitoring, maintenance, and improvements as needed to the security solutions deployed across Riyadh Air.
• Maintain cyber threat situational awareness of internal and external threats and vulnerabilities through enhanced monitoring capabilities and oversight of systems and processes used to assess security.
• Monitor users, applications, networks, systems, and access to physical assets (includes intrusion prevention/detection, email/spam filtering, and web filtering).
• Perform periodic review of audits logs (including review and retention) of applications, networks, systems, and access to physical assets.
• Govern periodic user access reviews across Riyadh Air’s registered users and report any discrepancies.
• Conduct physical and logical security control assessments (vulnerability assessment), security monitoring, detection, and security status reporting to enable informed decisions.
• Work with internal teams and third parties to scan, analyze, and apply countermeasures for vulnerabilities.
• Ensure Key Performance Indicators and Security metrics for each of the Security capabilities deployed are measured periodically, and performance is reported to appropriate stakeholders.
• Uses data from cyber defense tools to analyze events within their organization to detect and mitigate cyber threats.
• Tests, implements, deploys, maintains, and administers hardware and software that protect and defend systems and networks against cybersecurity threats.
• Provides general cybersecurity support. Assists in cybersecurity tasks.
• Develops, evaluates, analyzes, and identifies weaknesses and improvements to cryptography systems and algorithms.
• Develops, tests, and maintains systems’ security. Analyzes security of operations and integrated systems.
• Performs vulnerability assessments of systems and networks. Identifies where they deviate from acceptable configurations or applicable policies.
• Measures effectiveness of defense-in-depth architecture against known vulnerabilities.
• Conducts authorized attempts to penetrate computer systems or networks and physical premises, using realistic threat techniques, to evaluate their security and detect potential vulnerabilities.
• Investigates, analyzes, and responds to cybersecurity incidents.
• Collects and analyzes digital evidence and investigates cybersecurity incidents to derive useful information to mitigate system and network vulnerabilities.
• Identifies, collects, examines, and preserves evidence using controlled and documented analytical and investigative techniques.
• Analyzes (by disassembling and/or decompiling) malicious software, understands how it works, its impact, and intent, and recommends mitigation techniques and incident response actions.
• Collects and analyzes multi-source information about cybersecurity threats to develop a deep understanding and awareness of cyber threats and actors’ Tactics, Techniques, and Procedures (TTP), to derive and report indicators that help organizations detect and predict cyber incidents and protect systems and networks from cyber threats.
• Proactively searches for undetected threats in networks and systems, identifies their Indicators of Compromise (IOCs), and recommends mitigation plans.

PROFILE REQUIREMENTS 

Professional Experience

• At least 10+ years of experience in Cybersecurity.
• Maintain certification in CISA, CISM, ISO 27001 LA, or equivalent.
• Experience in using various Cybersecurity Tools.
• Strong understanding of Information Technology and IT Security.
• Basic knowledge of working across diverse teams to facilitate solutions.
• Managerial-level role requiring advanced skills and a high level of proficiency.
• Works independently with minimal guidance and frequent initiative or independent judgment opportunities.
• Leads in a specialist area.
• Uses best practices and knowledge of technologies and appropriate processes.
• Serves as a mentor for less experienced team members.

Academic Qualifications

• Bachelor degree in computer science or equivalent.

Competency Requirements

• In-depth understanding of regulatory compliance requirements and designing the associated policies and procedures (NCA, ISO 27001, NIST, PCI DSS, GDPR, etc.).
• A proven record of security thought leadership and be recognized for technical acumen.
• Strong experience in delivering IT and OT risk assessments, developing control frameworks, and handling internal and external audits.
• Depth of knowledge in one or more core security areas, such as Security Architecture / Cloud Security.
• Problem identification, analysis, and evaluation.
• Principles of effective writing and verbal presentation.
• Strong interpersonal skills
• High level of professionalism and work ethics.
• Excellent verbal and written communication skills.
• Ability to function in a fast-paced environment and manage multiple projects.
• Ability to effectively plan and prioritize multiple assignments to meet established deadlines.
• Extraordinary attention to the overall quality of the final product.
• Detail-oriented, organized, and able to handle multiple priorities and deadlines simultaneously.
• Flexible, self-starting, and tenacious with an exceptional aptitude for dealing with ambiguity in an environment where policies and processes are being created.
• Examines the status quo and thinks of how to improve it.
• Proficient Word Processing Skills, including Outlook, Word, PowerPoint, and Excel.
• Positive attitude and high levels of personal commitment.
• Strong knowledge of cybersecurity principles.
• Strong understanding of intrusion detection technologies.
• Ability to effectively conduct vulnerability scans.
• Ability to identify, capture, contain and report malware.
• Ability to design countermeasures to identified security risks.
• Skill in configuring and utilizing computer protection tools.
• Skill in conducting forensic analysis in multi-system environments.
• Understanding of the impact of a cybersecurity breach on the organization.
• Understanding of new technologies and solutions from a cybersecurity perspective.
• Excellent time management and organizational skills.
• Teamwork and collaboration, including the ability to establish and maintain effective internal and external working relationships with executive clients, technical and non-technical individuals.
• Flexibility, reliable and self-motivated, with the ability to perform under pressure.
• Strong knowledge of the Cybersecurity threat landscape.
• Strong knowledge of vulnerabilities in critical infrastructure environments.
• Strong knowledge of the principles of cybersecurity and privacy.
• Strong knowledge of cybersecurity defense tools and their capabilities.
• Strong knowledge of the cybersecurity aspects of business continuity and disaster recovery planning and testing.
• Strong knowledge of best practice analysis principles and methods.
• Strong knowledge of the organization’s risk management principles and procedures.
• Strong Knowledge of Project Management.