Enable job alerts via email!
Incident Response Manager
ADIB - Abu Dhabi Islamic Bank
Abu Dhabi
On-site
AED 120,000 - 160,000
Full time
6 days ago
Be an early applicant
Boost your interview chances
Create a job specific, tailored resume for higher success rate.
Create a job specific, tailored resume for higher success rate.
Job summary
An established industry player is seeking a skilled Incident Response Manager to lead its Cyber Security Incident Response unit in Abu Dhabi. This pivotal role involves overseeing day-to-day operations, managing SOC shifts, and collaborating with internal teams and external partners to ensure effective responses to security incidents. The ideal candidate will possess strong leadership skills, hands-on experience in managing complex security incidents, and a deep understanding of the cyber threat landscape. Join a dynamic team where your expertise will drive the development of innovative incident response strategies and enhance the organization's security posture.
Qualifications
- 10+ years in information security, focusing on incident management and response.
- Hands-on experience managing L3 security incidents from detection to resolution.
Responsibilities
- Lead Cyber Security Incident Response unit and manage SOC operations.
- Develop incident response strategies and oversee incident management processes.
Skills
Incident Management
Crisis Management
Leadership
Cyber Threat Landscape Knowledge
Communication Skills
Information Security Principles
Attention to Detail
Education
Bachelor's degree in Engineering, IT, or related discipline
Relevant cybersecurity certifications (e.g., CISSP, CISM)
Tools
NIST Framework
MITRE ATT&CK
ISO 27001
PCI DSS
Job description
Role: Incident Response Manager
Location: Abu Dhabi
Role purpose:
- The Incident Response Manager will lead the Cyber Security Incident Response unit, oversee its day-to-day operations and manage the SOC shifts.
- This role requires collaboration with various internal teams and departments, as well as external partners and cybersecurity agencies, to ensure an effective and timely response to all security incidents.
- The manager must demonstrate strong leadership skills, encourage teamwork, optimize team performance, and develop incident response strategies.
- Additionally, this position demands hands-on expertise in handling complex L3 security incidents from detection to disposition, including leveraging AI-driven threat detection and automated incident response tools.
- The role also requires strong crisis management and stakeholder communication skills to effectively coordinate during high-impact security events.
Key accountabilities of the role:
Leadership and strategy:
- Lead the Cyber Security Incident Response unit, managing both the day-to-day operations and the strategic development of incident response capabilities.
- Develop, oversee, and refine incident response plans, playbooks, and strategies to ensure rapid and effective response to security breaches.
- Maintain and enhance information security monitoring processes, tools, and technologies, driving continuous improvements and reducing gaps between current and ideal states.
- Demonstrate adaptability and innovation to address evolving threat landscapes, continuously enhancing the response approach.
- Incident Management:
- Directly handle L3 security incidents, overseeing their detection, analysis, containment, and resolution.
- Supervise the staff’s utilization of security monitoring tools and ensure high levels of team performance and engagement.
- Coordinate with threat intelligence, monitoring teams, and other security functions to effectively communicate incident findings to leadership and relevant stakeholders.
- Implement and maintain robust incident response frameworks, including industry standards such as NIST, MITRE ATT&CK, and best practices for coordinated response efforts.
- Prepare and present post-incident reports, including lessons learned and recommendations for preventive measures, to executive management.
- Experience in crisis management and business continuity planning.
Operational efficiency:
- Manage SOC shift schedules to ensure 24/7 coverage and effective resource utilization.
- Provide detailed reports on incident investigations, root cause analyses, and mitigation strategies, contributing to the organization’s continuous improvement efforts.
- Develop and track key performance metrics for incident management and response, reporting outcomes to senior management.
- Maintain strong relationships with internal and external stakeholders to support the incident, problem, and change management cycles.
- Facilitate effective communication during incidents, ensuring that stakeholders are informed of progress and resolution steps.
Specialist skills / technical knowledge required for this role:
- Proven experience in managing security operations centers and incident response teams.
- Demonstrated capability in hands-on management of L3 security incidents from detection through to disposition.
- Strong leadership skills with the ability to motivate and guide teams.
- Expertise in information security principles, the cyber threat landscape, and incident response protocols.
- Excellent communication and interpersonal skills to interact with various business units and IT departments.
- Knowledge of ISO 27001, NESA, PCI DSS, SWIFT, and other information security standards and regulations.
- Familiarity with incident response frameworks (NIST, MITRE ATT&CK) and best practices in managing cybersecurity incidents.
- Ability to manage multiple tasks with high attention to detail and organizational skills.
- Bachelor’s degree in engineering, IT, or a related technical discipline.
- Relevant certifications in cybersecurity and incident management (e.g., CISSP, CISM, GCFA, GCIH).
Previous Experience:
- More than 10+ years of experience in information security, particularly in incident management and response within banks or financial institutions.
- Strong experience in monitoring and incident handling techniques and tools.
- Experience managing a Computer Incident Response Team (CIRT), Computer Security Incident Response Center (CSIRC), or Security Operations Center (SOC).
- Executive experience including management-level discussions.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Land a better
job faster
job faster
