At Careem, we are driven by the purpose of simplifying the lives of people and building an awesome organization that inspires.
Based in Dubai, we started our journey as a pioneer of the Middle East’s ride-hailing economy. Today, Careem is the region’s everyday Super App operational in 13 countries and over 100 cities.
The Super App provides a host of daily services that people need to move around, to order things and to transfer money in one unified smartphone app.
Our goal is to simplify people’s daily lives so that they can spend their precious time and mindshare on things that really matter and on realizing their potential.
About the Role:
Careem is looking for a seasoned Security Operations manager with extensive hands-on experience in the security domain. The ideal candidate should have a strategic vision and provide leadership to help the organization develop a Cyber Fusion Center, and to design and implement leading threat intelligence, analytics, detection and response programs across all Careem verticals.
The individual will work closely with stakeholders across the organization (including IT, Tech, Product and Engineering, Compliance, and Finance).
This individual must have good communication skills so that they are able to influence the various stakeholders to embed and align to Security Policies and Procedures.
The SOC Manager will be responsible for program success, staffing, the day-to-day management of security service, including SLA performance management, metrics development, management of process and procedures, recommending security improvements, and developing, implementing, and ensuring compliance with all security policies and procedures.
The role will offer an exciting opportunity to work with our diverse team of leading professionals to design and implement solutions and help the organization to achieve business growth and manage risk.
Responsibilities and Tasks:
Drive the development and manage the implementation of Cyber Fusion capabilities targeting key risk and business needs, enhanced by leading practices across people, processes and technology, including current state assessments
Lead and manage the 24x7 Security Operations and a team of security analysts and engineers with the aim of building a state-of-the-art Cyber Fusion Center
Identify and manage a wide range of intelligence sources to provide a holistic view of the threat landscape and filter out noise in order to focus and execute upon actionable intelligence
Design and manage the implementation of Cyber Fusion operating models, identifying, evaluating, and providing solutions to evaluate complex business via a threat-based approach
Providing perspective on the effective approaches to Cyber Fusion Center development and operations and collaboration with stakeholders on implementation of roadmaps and execution plans
Lead process walkthrough discussions to recommend improvements on end-to-end business processes and functional requirements based on latest Cyber Fusion Center / SOC trends
Act as the focal point for security operations, incident detection and response, threat intel, and contribute to security detection programs
‘On Call’ availability for rare ‘fire drill’ scenarios, for example high-critical incident response scenarios, or emergent imminent widespread threats requiring urgent action
Lead the development of actionable use cases to detect, triage, investigate and remediate based on the latest threat actor trends, and support teams with the technical implementation of parsing log sources and of creating, validating and testing alerting queries to reduce false positives
Clearly articulate the role of Cyber Threat Intelligence in the cyber defense strategy, and integrating intelligence across defense disciplines such as risk, security architecture, monitoring / detection, vulnerability management, and application security
Ensure that all security events and incidents (internal / external) are logged into Jira and regularly updated and closed within the set SLAs
Actively mentor and train team members on Cyber Fusion processes, governance, and frameworks
Work independently and collaborate effectively with management team to set and implement policies, procedures and systems to improve operational effectiveness and to follow through with implementations
Engage regularly with audit, compliance, and regulatory bodies globally and brief the management team, senior leaders, and information security professionals on cyber threat trends, emerging challenges and relevant insights to the business
Participate actively in staff recruitment and retention activities providing input and guidance into the staffing process
Adopt a pragmatic approach to dealing with situations where confidentiality is important or where our work is of a sensitive nature.
Help build strong professional and collaborative relationships; living by our cultural values is integral to our business.
Minimum 5+ years of operational experience preferred in threat intelligence, crisis management, insider threat operations, threat management, cyber security, information security or related functions.
Bachelor's degree in Computer Science, Management Information Systems, Information Systems, or a related field / experience is required.
Experience within financial services areas is preferred.
Considerable knowledge and understanding of common cyber security technology tools such as firewalls, IDPS, network access control, DDoS mitigation, endpoint detection & response, threat intel, vulnerability, encryption and authentication is advantageous.
Strong knowledge of Security Methodologies and Frameworks.
Experience in a highly available 24x7 enterprise operational environment
Must possess strong writing and critical thinking / analysis skills
Ability to effectively use data to visualize and communicate findings while maintaining data confidentiality, integrity and availability
Experience as an SOC manager in a medium-to-large, complex, fast-paced organization.
Mature understanding of industry accepted standards for incident response actions and best practices related to SOC operations
In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
Strong leadership skills and the ability to lead and guide the team during incident and crisis management
Proven success building and running a SOC function / team, including (but not limited to):
Experience maintaining metrics, reporting and SLAs
Security operations experience with operating systems, cloud infrastructures and services (e.g. AWS, GCP) and customer-facing web applications
Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and / or MITRE ATT&CK framework
In-depth knowledge of modern security concepts and the role of a Cyber Fusion Center
Strong analytical skills and attention to detail
Strong understanding of data relationships and impacts to IAM
Experience around security processes and technologies
Ability to research, analyze, and resolve complex problems with minimal supervision and escalate issues as appropriate
Experience with GRC and IT / Security audits
Thorough documentation skills