MSSP Team Lead / Senior Cyber Security Engineer

Key Performance Indicators (KPIs):

• SLA adherence — all managed service tiers =100% on-time per tier SLA

• Security incident escalation and resolution =100% closed within agreed SLA window

• On-time threat detection and response =100% per company standard

• Vulnerability remediation within agreed timeframes =100% on-time (critical/high findings)

• Security patch compliance — managed endpoints = 100 % on current baseline

• Accuracy of security incident documentation =100%

• Engineer development plans completed = 100% of team active plans

• Compliance with security policies and standards = 100%

• Successful security audits completed = _Nos per year

• Process improvement initiatives implemented = _ Nos per quarter

• Lumora Fence / platform uptime = ≥ 99.5%

• Monthly managed services delivery report = By 2nd of every month

• Monthly review meeting and action plan with MoM = By 3rd of every month.

REPORTING AND REVIEWS

• Weekly Team enablement session to be conducted

• Analyze monthly team progress and present it to management.

• Weekly review meeting MoM to be mailed

• Monthly review meeting and action plan with MoM to be sent before 3rd

DETAILED JOB RESPONSIBILITIES

Team Leadership & People Management

• Lead, manage, and mentor 8 cybersecurity engineers; define roles, performance expectations, and run regular 1-on-1s, appraisals,

and career development reviews.

• Manage shift scheduling, on-call rotas, and workload distribution to ensure 24/7 coverage across all managed client environments.

• Identify skills gaps; coordinate certifications (CISSP, CISM, SC-200, Sophos, Zscaler ZDTA, BeyondTrust) and knowledge-sharing

sessions.

• Build and maintain a structured mentoring programme; serve as primary escalation for complex technical, client, and operational

issues.

Managed Security Service Delivery

• Own end-to-end SLA delivery across Lumora X, Lumora+, and Lumora Infinity — including 24/7 SOC monitoring via BluSapphire AR2,

Sophos XDR/MDR, and Lumora Fence.

• Act as senior escalation for critical incidents; lead triage, containment, and post-incident root cause analysis across People, Devices,

and Applications vectors.

• Oversee client onboarding onto Lumora Fence; manage vendor coordination across Sophos, Zscaler, BeyondTrust, Vicarius, FortiMail,

iZOOlogic, and Acronis.

• Review and approve vulnerability assessments, patch management reports, risk assessments, and all client-facing security

deliverables.

Technical Leadership & Vendor Stack Governance

• Provide technical governance across the full Lumora stack: People (Sophos Phish Threat, PowerDMARC, iZOOlogic), Devices (Sophos

XDR, Vicarius VRx, BeyondTrust PAM/PIM/PRA, Entra ID/Intune, Hexnode, Acronis), Applications (Zscaler ZIA/ZPA/CASB,

FortiMail/Workspace Security, BluSapphire SIEM/SOAR AR2).

• Evaluate emerging technologies; provide architecture guidance for new client deployments and cross-vendor integrations.

• Ensure optimal configuration and tuning of all platforms to maximise detection accuracy and meet SLA commitments.

Process, System & Structure Enhancement

• Design and enforce SOC playbooks, incident response runbooks, and escalation procedures aligned to MITRE ATT&CK and Lumora's

three-vector model.

• Drive SOAR automation within BluSapphire AR2; implement QA frameworks for all team outputs and client reports.

• Continuously assess and improve team workflows, tooling integrations, and service delivery structures; document all configurations,

baselines, and change logs.

Compliance, Governance & Reporting

• Ensure delivery aligns with UAE PDPL, NESA/SIA, ADHICS v2, PCI-DSS, ISO 27001:2022, and CIS Controls across all managed client

environments.

• Support audits, conduct risk assessments, and enforce security policies aligned to applicable UAE/GCC regulatory frameworks.

• Generate and present management reports on team performance, service delivery metrics, and client security posture; communicate

incidents and trends to technical and executive stakeholders.

• Develop and deliver client security awareness programmes using Sophos Phish Threat and Lumora's People-vector tooling.

Required Skills:

Technical Skills

• Proficiency in solution architecture across network security, endpoint, email, identity, and cloud domains.

• Ability to design and present multi-vendor security architectures.

• Solid understanding of SIEM/SOAR, EDR/XDR, PAM, email security, and DLP technologies.

Soft Skills

• Exceptional written and verbal communication in English (Arabic an advantage).

• Strong consultative selling and stakeholder management skills.

Ability to work independently and manage multiple concurrent pursuits.

‍