Procter & Gamble Cyber Security Defense Operations Manager in National Capital, Philippines
Cyber Security Defense Operations Manager
The Cyber Security Defense Operations Manager is responsible for coordinating the deployment and allocation of Cyber Security personnel and capabilities to ensure the 7x24 security of the enterprise. Responsible for the day-to-day operations of the Cyber Security Defense Team and of the management systems, security event monitoring systems, malware detection and enterprise-level antivirus solutions/systems, and forensic investigations. The Cyber Security Defense Operations Manager provides direction to both the senior and non-senior analysts, 3rd parties supporting the Defense operations, and is a liaison to the Engineering teams.
Stay informed about all potential incidents and make decisions around when to invoke the Incident Response Plan.
Lead the Cyber Security Incident Response Team and coordinate Cyber Security's investigation during an incident including communications between Cyber Security and other groups e.g. progress reports to stakeholders, investigative teams, management, and system/application owners.
Assist with the management and coordination of the Cyber Security Defense Operations team.
Identify operational and tactical cyber intelligence to improve security operations and support efforts to prepare for, monitor, detect, analyze/confirm, contain, remediate, and recover from security incidents.
Identify process improvements that support the protection of computers, networks, software, data and information systems against possible attacks.
Provide technical guidance and support the implementation and on-going operations support of new security solutions.
Conduct research of emerging security threats.
Accountable for the SOC metrics and reporting capabilities.
Provide guidance on Forensic investigations.
Manage response to alerts from various monitoring systems and platforms to address potentially malicious events in a timely manner.
Technical Competencies and Experience:
Experience designing and operating one or more of the following SOC solutions:
Service manager solutions: ServiceDesk, Remedy, Archer, ServiceNow
SOC/SIEM solutions: QRadar, Wazuh, ArcSight, LogRhythm, Fireeye
Configuration management solutions: Solarwinds, Opsware, CVS
Forensics solutions: CAINE, EnCase, SIFT, Kali
Networking: Cisco, Juniper, Checkpoint; WAN/LAN network design; Application Firewalls
Operating Systems: Windows, Unix, Linux
Database: Oracle, SQL, MySQL
Other: PhishMe, Crowdstrike
Experience and understanding of the Information Security Environment, Concepts and Operations:
Deep experience with information security in the domains of cyber threat intelligence and analysis, security monitoring and incident response.
Demonstrated ability to guide, mature and work with the security operations team to build a best-in-class security operations center
Experience applying structured analytical methodologies to threat monitoring and intelligence analysis.
Knowledgeable in the development of incident response playbooks, ensuring response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats
Understanding of global laws and regulations as they pertain to information assets.
Experience with Network protocols and packet analysis tools.
Knowledge of SSL/TLS, HTTP, DNS, SMTP, IPsec, PKI, proxies, TCP/IP, VM, Wireless, VPN
Solid understanding of cloud based critical infrastructure systems security threats
Serves as a subject matter expert (SME) for performing security and threat assessments
Familiarity with latest security vulnerabilities, advisories, incidents, penetration techniques, attack vectors, and countermeasures.
Experience with automating manual processes related to audit and compliance.
A solid foundation in compliance frameworks and security management standards (e.g. ISO 27001/27002, COSO, COBIT, ITIL, NIST, HIPAA, SOX and PCI)
Exhibit a broad knowledge and adherence to security policies and procedures.
Strong understanding of compliance requirements that may impact security; works with business areas and project teams to develop security solutions that address these requirements.
Preferred Certifications: CISSP, GSEC, GCED, or GISF
Bachelor’s degree in Information Systems, Information Technology (IT), Computer Science, Engineering, or other technical/IT field and/or at least 7 years of relevant experience.
Available to work off hours during the evenings and weekends as required, sometimes with little advance notice.
All Information Security roles require CISSP certification. Candidates without the certification must be able to pass the exam within the first 15 months of starting the role. P&G provides study preparation and exam cost coverage.
Role requires working from the Procter & Gamble Manila, Philippines location.
Job: Information Technology
Title: Cyber Security Defense Operations Manager
Location: PH-National Capital-Manila
Requisition ID: IT 00001394