REPORTS TO: CHIEF INFORMATION SECURITY OFFICER

JOB PURPOSE

The role holder is responsible for leading and overseeing the 24/7 Security Operations Center at Pearl Bank. The role entails managing threat detection, incident response, and security monitoring processes to ensure the banks’ information assets are protected against cyber threats. The SOC Manager plays a crucial role in aligning security operations with regulatory frameworks and supporting strategic objectives that promote resilience and operational continuity.

KEY RESPONSIBILITIES / KEY DELIVERABLES

Security Operations Oversight:

• Lead day-to-day operations of the Security Operations Center.
• Incident Response Management
  • Define and manage incident escalation protocols, IP playbooks, and response workflows.
  • Conduct root cause analysis and post-incident reviews with recommendations for improvement.
• Threat Intelligence & Humility
  • Integrate and operationalize threat intelligence feeds into SOC workflows.
  • Oversee proactive threat hunting and anomaly detection efforts.
• Technology & Tooling
  • Manage SIEM, SOAR, EDR/KDR, IDS/RIS, threat intelligence, and log management platforms.
  • Lead the turn-off, integration, and optimization of detection rules and automation workflows.
  • Assess and recommend security tools to enhance the SOC4 detection and response capabilities.
• Process & Policy Development
  • Develop and maintain SOC operating procedures and incident response documentation.
  • Ensure all operational activities align with ISO/IEC 27001:2022, NIST CSF, SWIFT CSF, pool Guidelines, and PCI DSS via requirements.
  • Continuously improve processes to reduce false positives and enhance response times in PTDM/TIP.
• Collaboration & Standardise Engagement
  • Liaise with internal fit, infrastructure, risk, legal, and compliance teams during incidents.
  • Collaborate with third-party MSSPs, incident response providers, and national court teams as necessary.
  • Support internal/external audits and regulatory inspections with evidence and reporting.
• Strategic Planning & Reporting
  • Develop and implement a strategic roadmap for SOC maturity.
  • Define, track, and report key performance indicators (KPIs) such as MTID, MTRI, Incidents launched, and SLA compliance.
  • Present monthly and quarterly reports to the CEO and executive leadership.

BUSINESS BEHAVIOURS

• Passion: Committed to excellence, delivering outstanding results and making a positive impact on our customers and stakeholders.
• Teamwork: Collabotates, mutual respect, and diverse perspectives, to achieve shared success and deliver greater value to the Bank.
• Integrity: Untold honesty, transparency, and accountability, ensuring ethical practices in every action.
• Innovation: Embrace creativity and forward-thinking, continually seek new solutions to enhance customer experience and drive business growth.

QUALIFICATIONS, EXPERIENCE AND COMPETENCIES REQUIRED

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field
• Professional certifications strongly preferred CISSP, CISM, GCM, CCHI, CEH, or equivalent
  • Writing in years in cybersecurity, with 21 years in SOC leadership or equivalent roles.
• Experience operating a 24/7 SOC in a financial or regulated environment is an added advantage
  • Proven track record of handling incident response and managing security teams.
• Strong understanding of network security, cyber threat landscape, and incident response frameworks
  • Framilarity with common toolkets: SIEM, EDR/KDR, DLP, etc.

• Lead day-to-day operations of the Security Operations Center.
• Define and manage incident escalation protocols, IP playbooks, and response workflows.
• Conduct root cause analysis and post-incident reviews with recommendations for improvement.
• Integrate and operationalize threat intelligence feeds into SOC workflows.
• Oversee proactive threat hunting and anomaly detection efforts.
• Manage SIEM, SOAR, EDR/KDR, IDS/RIS, threat intelligence, and log management platforms.
• Develop and maintain SOC operating procedures and incident response documentation.
• Liaise with internal fit, infrastructure, risk, legal, and compliance teams during incidents.
• Collaborate with third-party MSSPs, incident response providers, and national court teams as necessary.
• Develop and implement a strategic roadmap for SOC maturity.
• Define, track, and report key performance indicators (KPIs) such as MTID, MTRI, Incidents launched, and SLA compliance.
• Present monthly and quarterly reports to the CEO and executive leadership.

• Strong understanding of network security, cyber threat landscape, and incident response frameworks
• Familiarity with common toolkits: SIEM, EDR/KDR, DLP, etc.

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field
• Professional certifications strongly preferred CISSP, CISM, GCM, CCHI, CEH, or equivalent
• Writing in years in cybersecurity, with 21 years in SOC leadership or equivalent roles.
• Experience operating a 24/7 SOC in a financial or regulated environment is an added advantage
• Proven track record of handling incident response and managing security teams.