Provide direction, plan, oversee execute, analyze and measure, and report on various cyber security operations functions. Ensure centralized and dedicated cyber security technologies and operations functions operate at the right level of maturity, are effective and optimized. Ensure operations functions adequately support TIH’s information & cyber security outcomes. Ensure operations functions produce relevant measurements and metrics to support TIH’s cyber & information security decisions. Ensure operations functions continue to mature and adequately adapt to the changing threat landscape.
Lead in detecting and analyzing security incidents including attacks, breaches, and identified vulnerabilities and remediate any security gaps in line with the security incident management procedure. Ensure, through appropriate planning, execution, oversight of implementation and management of centralized and dedicated operations, TIH is able to appropriately identify, protect, detect, respond and recover to information & cyber security threats. Where possible, play the role of a lead-in to further enhancing and optimizing said lifecycle.
Supervise others working within established operational systems. Participate and take ownership during information & cyber security incident response activities, and specifically as it pertains to cyber security operations.
Risk Management & Analysis
Ensure the organization is not exposed to undue risks by using risk management systems to achieve specific goals within a designated area of the business. Maintain visibility of emerging information & cyber security threats and trends, and adjust operations activities to best defend against such threats. Highlight and track risks related to cyber security operations shortfalls and propose appropriate actions to management in order to manage such risks.
Maintain and renew a deep knowledge and understanding of the organization’s policies and procedures and of relevant regulatory codes and codes of conduct, and ensure own work adheres to required standards. Identify, patterns of noncompliance with the organization’s policies and procedures, and with relevant regulatory codes and codes of conduct, taking appropriate action to report and resolve these and escalating issues as appropriate. Take ownership of and optimize operation of dedicated and centralized cyber
security technologies. This includes establishing relevant, operating procedures and other mechanisms to ensure consistent execution and quality outcomes.
Insights and Reporting
Prepare and coordinate the completion of various data and analytics reports. Provide input on cyber security operations metrics and indicators. Report on key cyber security operations metrics and indicators to management and colleagues.
Contribute to stakeholder engagement through identifying stakeholders, finding out their needs/issues/concern and reacting to these by arranging meetings and events and drafting supporting materials to promote understanding and commitment. Build and maintain relationships with teams and areas within TIH towards ensuring collaboration and overall successful functioning of cyber security operations across the organization. Collaborate with the Information Security Architecture function around strategic
cyber security technology selection and investment, or technologies with an impact on cyber security.
Operational Procedure Development
Contribute to the drafting of operational procedures, and related guidelines within an area of expertise to meet defined key principles and ensure compliance with external requirements. Take ownership of and drive maturity of operational technologies, associated workflows and procedures across a variety of areas such as Internet and dark web cyber threat exposure, network and communications security, endpoint security, identity & access management, application security for proactive and reactive technology protections, vulnerability management and incident response and forensics.
Cyber Security Project and Program Governance
Clarify roles and responsibilities within the project team and ensure project compliance with the organization’s wider program and/or portfolio management decision-making structures and processes. Participate and positively contribute to governance forums, committees or groups within TIH.
Personal Capability Building
Develop own capabilities by participating in assessment and development planning activities as well as formal and informal training and coaching; gain or maintain external professional accreditation where relevant to improve performance and fulfill personal potential. Maintain an in-depth understanding of technology, external regulation, and industry best practices through ongoing
education, attending conferences, and reading specialist media. Maintain and renew understanding of the information security operations landscape, both current and as it continues to evolve.
Review existing operations in own area of work and implement innovation processes to generate new ideas and ensure continuous improvements are delivered. Implement improvements and continuously mature cyber security operations activities.