Cyber Security Operations Center Manager
As part of its security strategy, Logitech is expanding its cybersecurity team and is looking for a Manager of its Cyber Security Operations Center.
The successful candidate must be a strong security leader and have extensive experience in threat hunting, vulnerability management and security incident management, along with a combination of technical and management skills.
You will supervise a team of SOC analysts and work closely with the other security and IT managers, based in the US (California, Washington), Europe (Switzerland, Ireland) and Asia Pacific (India, Taiwan).
Be Yourself. Be Open. Stay Hungry and Humble. Collaborate. Challenge. Decide and just Do. These are the behaviors you’ll need for success at Logitech. In this role you will:
Keep abreast of security adversaries, alerts and vulnerabilities and advise relevant stakeholders on the appropriate courses of action.
Manage the day-to-day activities of threat management, identify risk tolerances, recommend treatment plans and communicate about residual risk.
Analyse threat indicators and warnings and identify malicious cyber activities.
Monitor reports and security logs for unusual events. Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements.
Lead the vulnerability management program, to include scanning, reporting and risk analysis.
Perform control and vulnerability assessments to identify control weaknesses, assess the effectiveness of existing controls.
Partner with stakeholders to drive down vulnerabilities and develop mitigation strategies.
Develop and generate metrics to show the efficiency of the program and where the areas of greatest risk are within the environment.
Incident detection and response
Manage and coordinate operational components of incident management, including detection, response and reporting.
Coordinate the development of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event.
Manage all security incidents, and coordinate the teams participating in security incidents.
Support and maintain response strategy to severe incidents.
Maintain a knowledge base comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations.
Organize security incident dry-run exercises to test the robustness of incident response capabilities.
Participate in security investigations and compliance reviews, as requested by internal or external auditors.
A set of security tools is already existing: LogRhythm, Rapid7 InsightVM, Demisto. In this role, you will review the outputs from these tools and have the opportunity to improve the existing setup or implement additional services.
6+ years of IT and security experience in security operations, system and network security and application security.
2+ years of experience leading or serving as a senior member of a security operations team.
Strong leadership skills and the ability to guide others during incident and crisis management.
Knowledge of current and emerging technologies and tactics used within a SOC and how they can be applied to improve efficiency and effectiveness.
Knowledge of incident response and threat hunting techniques.
Understanding of the information security industry and the current threat landscape.
Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies.
Poise and ability to act calmly and competently in high-pressure, high-stress situations.
Ability to quickly assess complex situations and take appropriate action, such as during security incidents.
Strong communication skills, especially with diverse audiences; excellent written skills.
Ability to tune correlation rules and outcomes via security information and event management (SIEM) and security orchestration, automation, and response (SOAR) platforms.
Experience in system technology security testing (vulnerability scanning and penetration testing).
Excellent technical knowledge of mainstream operating systems and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, anti-malware solutions, automated policy compliance tools, and desktop security tools.
Knowledge of major security protocols and frameworks including PKI, SAML, OAuth, TLS, IPSec, VPN.
Comprehension of network security and related technologies including intrusion detection and prevention, WAF, NGFW, DMZ design, network segmentation.
High level of personal integrity, and the ability to professionally handle confidential matters.
Bachelor's degree in Computer Engineering, Information Security, or equivalent
Logitech is the sweet spot for people who are passionate about products, making a mark, and having fun doing it. As a company, we’re small and flexible enough for every person to take initiative and make things happen. But we’re big enough in our portfolio, and reach for those actions to have a global impact. That’s a pretty sweet spot to be in and we’re always striving to keep it that way.
“All qualified applicants will receive consideration for employment without regard to age, race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.”
If you require an accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at +1 510-713- 4866 for assistance.