Head of Secure Services

Wiki > Head of Secure Services

JOB DESCRIPTION

I. JOB DETAILS

Job Title

Secure Services Head

Business Unit (BU) or Functional Unit (FU)

Secure Services

Division

Operations

Department

N / A

Reporting Supervisor

COO

Number of Staff Supervised

Direct Reports: 5

Total: TBD

Job Titles of Direct Reports

·      Penetration Testing & Incident Response

·      System forensic /clean up

·      Security Analytics

·      Managed security services

·      Governance, Risk, and Compliance

Budget Responsibility

TBD

Grade

TBD

II. JOB PURPOSE

Lead planning and implementation of the delivery of secure services, including penetration testing services, incident / threat response, systems forensics, secure managed services, security policies and information governance development, and compliance analysis

III. KEY RESPONSIBILITIES

Functional
(Process/Technical

/Operational)

  • Develop strategies to expand the portfolio of services offered and improve the efficiency and consistency of service delivery
  • Interact with Governmental entities and other potential clients to define requirements for secure services; understand business challenges, respond with relevant solutions and ensure delivery of a consistent, industry-leading customer experience
  • Advise and make recommendations to the client regarding current status and emerging frameworks / tools/technologies
  • Supervise and manage delivery of services related to Network (wired and wireless), web-based applications, systems, and database penetration tests and vulnerability assessments, manage results and ensure all recommendations to the Government and other clients are well documented and provisioned in a clear, unambiguous language
  • Supervise and manage delivery of physical and logical security assessments and audits
  • Supervise and manage delivery of forensics investigations, examinations, and analysis, recovery
  • Supervise configuration and provision of managed services along with maintenance of equipment, facilities, tools and technologies
  • Vet development of security policies, controls, and standards before being dispatched to clients; similarly, vet risk assessments and compliance audits, evaluation and testing of hardware, firmware and software for possible impact on system security, and investigation and resolution of security incidents
  • Maintain current knowledge of industry trends, topics, methodologies and core technologies in order to assimilate client needs and design appropriate technical solutions
  • Ensure engineers and staff are being trained both on-the-job and in a formal setting
  • Ensure appropriate documentation for each step is taken and all recommendations to the Government and other clients are being implemented
  • Lead modification and enhancement of proposals

Financial

  • Ensure adherence to operating budget of Secure Services Unit

People

  • Develop talent within the team by providing consistent direction and support to achieve stretch targets and take leadership positions
  • Manage the team on a daily basis including resolving issues and maintaining high motivation levels within the team
  • Complete accurate, objective and fact-based performance appraisals for all direct reportees on time
  • Provide input to performance appraisals of peers
  • Provide input to recruitment plan for Level-3 and Level-4 positions
  • Provide support and input to Level-3 succession plan and provide support, input and endorsement to Level-4 succession plan
  • Review and validate grading structure as necessary

 

  1. KEY PERFORMANCE INDICATORS

Measurable Deliverables

  • TBD
  1. JOB REQUIREMENTS

Minimum Qualifications and Technical Skills

  • Masters degree in Related Security field, Computer Science, IT
  • Eight to twelve years specialized experience in the following areas: Network and systems application penetration tests, physical security assessment, cyber forensics analysis and investigations, security policies development and auditing, security architecture auditing
  • Very good understanding of core Internet protocols
  • Very good understanding of operating system and file system fundamentals
  • Very good understanding of encryption fundamentals
  • Knowledge and experience with security controls for operating systems
  • Strong understanding of complex network architectures and how security controls fit into the architecture
  • CSSLP, CISSP, GCIA, GCIH certifications are a plus

Behavioural Skills

  • Planning and organization skills
  • Strategic orientation
  • Project management skills
  • People management skills
  • Communication skills

Language Skills

  • English
  • Arabic is a plus

Specific experience

  • Should have been in a leadership role for at least 7 years

Overall experience

At least 12 years

  1. KEY INTERACTIONS

Key Internal Contacts

Key External Contacts

  1. Board of Directors
  2. CEO
  3. COO
  4. CFO
  5. All BU / FU Heads