Manager - Cyber Response Operations Center

Security and Risk Management Dublin, Ireland


Join us as we pursue our disruptive new vision to make machine data accessible, usable and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we’re committed to our work, customers, having fun and most importantly to each other’s success. Learn more about Splunk careers and how you can become a part of our journey!

Role

The Cyber Response Operations Centre Manager, reports to the Sr. Manager, of Cyber Threat Response Operations. The role is based in Dublin, Ireland or Remote. In this role, you will be responsible for the day-to-day operations of the Cyber Response Operations Centre team. You will have a deep understanding of Information Security principles coupled with solid grasp of what it takes to run a key team within Splunk and a strong desire to learn and grow. We are a passionate team who has fun, enjoys a good laugh but above all else thinks security first!

Responsibilities

  • Lead day-to-day functions of the Cyber Response Operations Centre to monitor, track and analyze Threat and emerging threats in service of the defence of the enterprise.
  • Understand the sophisticated threats that Splunk may be exposed to and lead dissemination of that information in a pragmatic way
  • Maintain team resources to support business & operational needs
  • Establish and sustain service level goals with key business partners while seeking opportunities to improve upon them
  • Raise issues to leadership in a timely manner with appropriate information regarding risk, action times, and root cause analysis
  • Develops program metrics and reporting frameworks, compiles and analyze data for accurately timely reporting of activity
  • Drive prioritizations and focus across several cross-functional service areas to provide useful intelligence
  • Establish and maintain relationships with industry partners to continuously improve Splunk's defensive posture
  • Define strengths you'll need of intelligence and hunt practitioners to ensure continuous development of internal resources
  • Build technical briefs and speak to customers and partners about Splunk’s use of Splunk security products, and how we improve our partner ecosystem.
  • Handle direct management of SOC Analysts internationally

Requirements

  • At least 3 years experience managing a SOC, incident response, or similar team
  • At least 5 years experience working in a SOC.
  • Ability to build positive relationships internally and externally, in-person and virtually
  • Detailed understanding of the MITRE ATT&CK Framework and/or the Cyber Kill Chain
  • Demonstrated ability to identify, coordinate and respond to security incidents using commercial and/or open source technologies.
  • Experience with Incident Response methodology in investigations, and the groups behind targeted attacks and tactics, techniques, and procedures (TTPs)
  • Advanced understanding of attacks impacting a cloud native environment
  • Ability to summarise events/incidents effectively to different constituencies such as legal counsel, executive management and technical staff, both in written and verbal forms.

We value diversity at our company. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying.

Thank you for your interest in Splunk!