Job Qualifications
Job Responsibilities:
-Mentor SOC Analysts and perform knowledge transfer to other teams as required.
-Responsible for driving daily, weekly, and monthly metrics for statistical threats and KPIs.
-Ensure that Service Level Agreements are defined, tracked and obtained.
-Develop strategic plans and projects to meet Global Security and SOC goals and objectives.
-Determine staffing requirements: recruiting, hiring, training, development, and retention of qualified
team members.
-Responsible for security analysis, administration and remediation procedures, workflows and tasks.
-Be a leader in the expansion and growth of the SOC; drive integration of new products and services
to our clients.
-Ensure that Standard Operating Procedures are being created and followed by the team.
-Identifies opportunities to improve security monitoring and operational tasks.
-Evaluate existing SIEM rules, filters, events and use cases and adapt to meet the business requirements.
-Maintain awareness of trends in security regulatory, technology, and operational requirements.
-Assist in implementation of new SOC tools and applications and processes.
-Direct and approve the design of security systems;
-Ensure that disaster recovery and business continuity plans are in place and tested;
-Approve identity and access policies;
-Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities;
-Maintain a current understanding the IT threat landscape for the industry;
-Ensure compliance with the changing laws and applicable regulations;
-Translate that knowledge to identification of risks and actionable plans to protect the business;
-Schedule periodic security audits;
-Oversee identity and access management;
-Make sure that cyber security policies and procedures are communicated to all personnel and that compliance is enforced;
-Manage all teams, employees, contractors and vendors involved in IT security, which may include hiring;
-Provide training and mentoring to security team members;
-Constantly update the cyber security strategy to leverage new technology and threat information;
-Brief the executive team on status and risks, including taking the role of champion for the overall strategy and necessary budget; and
- Communicate best practices and risks to all parts of the business, outside IT.
- Review and approve security policies, controls and cyber incident response planning;
Job Requirements:
-Bachelor of Science in Information Technology/Information Security, Computer Science, Engineering, equivalent technical discipline or equivalent years of related experience
-Experience managing a security operations center.
-In-depth familiarity with security policies based on industry standards and best practices.
-Working knowledge of SIEM technologies.
-Incident management process development and/or incident management experience
-Ability to lead and communicate efficiently within a team environment.
-Great customer service skills
-Professional certifications to include CISSP, SANS GIAC, SANS GCIH
-Knowledge of: Strong Authentication, End Point Security, Internet Policy Enforcement, Firewalls,
Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data
Loss Prevention (DLP), Identity and Access Management (IAM).
-Excellent English Communication skills both verbal and written
