Manager

Job Description

Roles and Responsibilities:The Security Operations Manager is responsible for leading the day-to-day operations of the SOC Analyst staff. The role coordinates and works with the SOC Analysts to make sure that the analysts, processes, and technology are meeting the SOC security monitoring, analysis, and escalation objectives, organization service level agreements, objectives, and metrics. They are also responsible for communicating with the executive level management team (when deemed necessary) and serving as the principle liaison coordinating incident response functions. In addition, the SOC Manger will: Lead the 24x7 delivery team, foster innovation, and drive accountability within SOC engineering. Oversee the daily activities of the SOC to ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies. Ensure escalation of cases to the appropriate teams. Conduct follow-up meetings of escalated or noteworthy cases and modifies SOPs and playbooks based on policies, standards and best practices learned from previous cases. Provide technical oversight for security tool deployment and implementation . Continuously monitor levels of service as well as interpret and prioritize threats through use of intrusion detection systems, firewalls and other boundary protection devices, and any security incident management products deployed. Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough review and analyses of relevant event detail and summary information. Monitor and proactively mitigate information security risks. Coordinate shift schedule and deployment of staffing within the established structure. Manage regular, holiday, illness, vacation and emergency scheduling. Keep current with the latest vendor updates, expansion opportunities, and technology directions, utilized in the Clients environment. Ensure daily operational processes effectively support SOC operations objectives. Ensure the Director of Cybersecurity Services is aware of any issues or incidents. Own the successful completion of all daily operational processes and procedures. Ensure analysts follow existing procedures and all procedures are documented in accordance with local guidelines. Establish operational foundations, defining metrics and KPIs to drive governance, quality, and efficiency. Influence and improve existing processes through innovation and operational change. Manage staffing, including recruitment, supervision, scheduling, development, evaluation, and disciplinary actions.Required Technical skills: Minimum 7 years Security leadership, with experience building long-term career development plans for team members at all levels. Exceptional operational rigor with extensive real-world experience in ITIL methodologies and frameworks for IT operations. Experience in designing, implementing and measuring relevant security and technology management critical success factors, key performance indicators, and metrics . Ability to create shift schedules to ensure 24x7 coverage by support personnel . In-depth knowledge of modern security concepts and how to apply the Advanced scripting knowledge of PowerShell, bash/ksh/sh, Cisco IOS.sh, JunOSsh/csh, Perl, Tcl, Lua. 4-6 years experience with C, C++, C#, Python, HTML, JavaScript, .NET Familiarity with common network vulnerability/penetration testing tools including, but not limited to, Metasploit, vulnerability scanners, Kali Linux, and Nmap. 4-6 years experience with SIEM tools (Qradar, Splunk, Logrhythm, Solarwinds, etc.). 4-6 year s experience in Azure Sentinel. Familiarity with common IDS/IPS and Firewalls (Snort, Cisco, Fortigate, Sourcefire). Knowledge of Windows, Unix-based systems, architectures, and network security devices . Intermediate level of knowledge of LAN and WAN technologies. Knowledge of networking protocols and security implications. 4-6 year s experience with Incident Response activities . Experience with packet analysis and packet capture tools. Expert knowledge of security best practices and concepts.Qualifications:Masters or Bachelors degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field. Demonstrated understanding of Information Security and Networking required Demonstrated technical knowledge of current network security, network hardware, protocols, and standards required Proven ability to diagnose and troubleshoot technical issues required Proven ability to make decisions and perform complex problem-solving activities under pressure Previous management and project leadership experience required Demonstrated strong oral and written communication and client facing skills Flexibility to adapt to different types of engagement, working hours, work environments, and locations Proven ability to work creatively, analytically in a problem-solving environment Desired Certifications: Security+, C|EH, Network+, Certified Information Systems Manager (CISM), Certified Information Systems Security Professional (CISSP), GIAC Certified Intrusion Analyst, GIAC Certified Incident Handler, or GIAC Reverse Engineering Malware.,

Keyskills :
executive level managementkey performance indicatorskali linuxtesting toolsservice levelpacket captureproblem solvingcomputer sciencenetwork securitysecurity devicesnetwork hardwarecorporate liaison