Manager, Security Operations Center (SOC)
The SOC Manager role is part of the SOC. Candidates in this role will oversee and coordinate the activities of SOC personnel and implement security assessment and incident response protocols. Candidates will coach personnel on technical issues and verify that they follow SOC policies to ensure all components are functioning optimally. Must establish and maintain metrics that help provide a high level of productivity, supportability, and operational readiness while also participating in project planning activities such as infrastructure enhancements and change management controls. Must have a proven track record in leading information security teams and technologies. Must have a general knowledge of regulatory and privacy laws.
Roles and Responsibilities:
- Manage a team of support administrators, engineers and/or technical leads within the Security Operations Center
- Develop service management strategies and identify staff, tools and specialized support to ensure processes are providing maximum efficiency.
- Primarily responsible for security event monitoring, management and response
- Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
- Ensure compliance with SLA, process adherence and process improvisation to achieve operational objectives
- Revise and develop processes to strengthen the current Security Operations Framework; review policies and highlight the challenges in managing SLAs
- Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Center
- Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring
- Responsible for integration of standard and non-standard logs in SIEM
- Creation of reports, dashboards, metrics for SOC operations and presentation to Senior Management
- Coordination with stakeholders, build and maintain positive working relationships with them
- Responsible for team development including product training, threat analysis, SOC services and soft (people) skills
- Creation of career path framework from Tier 1 to Tier 3 and beyond.
- Support the internal sales team with customer relations
- Maintenance of regular cadence with customers to ensure satisfaction and continued service development.
- Bachelor’s degree or equivalent experience.
- 5+ years’ experience in IT Management or Operations Management in a multi-customer environment.
- High level of oral and written communication skills in order to communicate effectively with colleagues and stakeholders.
- Proficient in Incident Management and Response
- Experience in security device management and SIEM (AlienVault and Splunk)
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
- Experience in threat management
- Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix
- Knowledge of applications, databases, middleware to address security threats against the same.
- Proficient in preparation of reports, dashboards and documentation
- Excellent communication and leadership skills
- Experience in performing vendor management
- Ability to handle high pressure situations with key stakeholders
- Good analytical, problem-solving and interpersonal skills
- Track record of strong leadership
- Desired Educational and Certification Qualifications: CEH, CISSP, PMP, GCIH, GSEC
- Analytical, relationship builder, change advocate, diplomacy, self-starter, planning and organization skills.
- Integrity, enthusiastic, respectful, accountable, achieves excellence, and consistently delivers quality service to team members and customers alike.
- Successful experience with and affinity for small to large size business environments.
- Ability to adapt and thrive in a dynamic work environment.
NOTE: This job description is not intended to be all-inclusive. This position may perform other related duties as requested to meet the ongoing needs of the organization.