Deputy Manager Cyber Security – K-Electric – Elander Complex (Karachi) – Pakistan
K-Electric invites applications for Deputy Manager Cyber Security in Elander Complex (Karachi), Pakistan
Our employees are our company's greatest asset – they are our real competitive advantage. We possess immense power of innovation and imagination and a desire to attract and retain the best; we provide them with encouragement and stimulus, and make them feel that they are an integral part of the company's mission.
Faculty Title:
Deputy Manager Cyber Security
This role shall be responsible for monitoring and assisting the Manager Cybersecurity (Security Operations & Monitoring) in managing the L1 SOC team directly when responding to business-critical security incidents. This role will coordinate with the L1 SOC team on day-to-day activities, events and incidents (HOTO, process flows, ticket management, playbooks w.r.t. use cases and tools, rotation plans).
Furthermore, this role shall also undertake routine matters and tasks pertaining to SIEM, Network Security Solutions, EDR/MDR, endpoint security, FireEye and Threat Intel tools. Daily SOC KPIs and their monitoring shall also be routinely performed by this role by agreeing specific performance objectives and goals with the SOC team.
Security Monitoring:
Provide support in managing incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring.
Creation of reports, dashboards and metrics for SOC operations and presentation to the Manager Cybersecurity (Security Ops & Mon).
Safeguard information system assets by identifying and solving potential and actual security problems.
Configure correlation rules in SIEM and identify indicators of threat activity.
Support the investigation of cyber breaches/ incidents.
Understand and utilize cyber threat intelligence sources.
Communicate cyber events to internal and external stakeholders.
Work with KE ITG cross-functional teams to support the investigation of cyber security incidents and provide reviews and recommendations.
Develop new capabilities to enhance the analysis capabilities of the team.
Managing security event monitoring, management, and response.
Configure integration of standard and non-standard logs in SIEM.
Develop company-wide best practices for IT and OT Security.
Security Operations:
Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement.
Implement and oversee technological upgrades, improvements, and major changes to the information security environment.
Perform routine tasks related to Network Detection & Response, DNS Security, and Advanced Malware Protection (AMPS).
Configure integration with multiple sources which also includes other security solutions.
Monitor and manage all network traffic and look for anomalies that could indicate a potential security threat.
Change Management:
Support the monitoring and maintenance of the network security suite of tools.
Participate in efforts that tailor the company’s security policies and standards for use in cloud environments.
Provide advisory support to the team on emerging cloud security technology solutions that can assist with compliance monitoring and auditing.
Automate cloud-related security controls, data and processes to provide better metrics and operational support.
Stakeholder Management:
Following up with procurement and business finance teams regarding project related matters.
Vendor and principal management for various projects and tools.
Coordinating with legal team for review and finalization of SLAs and NDAs of various projects.
Coordination with cross-functional teams regarding admin related matters.
Project management and dealing with various vendors.
Cyber Security Projects:
SIEM:
Lead the project to ensure the existing SIEM instance is upgraded to the latest supported platform.
NDR:
Analyze traffic from various sources such as logs, network flow data, etc.
XDR:
Investigate and analyze detected malware incidents and determine the scope and impact of the incident activity.
FIREEYE:
Implement and configure FireEye NX appliances.
Configure alerts, reports, and policies for malware detection and response.
Monitor FireEye NX alerts to identify and respond to potential malware threats.
DNS Security:
Monitor DNS traffic to detect any abnormal activity, such as DNS tunneling, domain generation algorithms (DGA), and other malicious activity.
Analyze data from DNS logs and other sources to identify potential security issues.
Manage DNS Security policies, including response policy zones (RPZs).
Minimum 2-3 years' experience in cybersecurity, of which 1 year of experience in managing an IT SOC and SIEM. Experience managing an OT SOC shall be an added advantage.
A bachelor's degree in a related technical field.
Certifications such as CEH, CHFI and CISM are preferred.
KE provides equal employment opportunity (EEO) to all persons regardless of age, color, origin, physical or mental disability, race, religion, creed, gender, marital status, status with regard to public assistance or any other characteristic protected by federal, state or local laws.