Jobs at Redbud Cyber Security Recruiting


Security Operations Team Lead

Remote

Description of Position:

We are looking for a Team Lead for our Security Operations Team. You will be focused on maintaining a secure Cloud presence supporting our customers around the globe. Your team of security and vulnerability analysts will focus on identifying, alerting on, investigating, responding to, and reporting on cyber threats.

As a SOC Lead, you will provide oversight for the Security Operations Center, which provides real-time cybersecurity monitoring, event detection and triage, incident analysis, coordination and response, situational awareness, and cybersecurity countermeasure implementation for maintaining a secure cybersecurity and information assurance posture. Experience building a Security Operations Center and team would be ideal.

Tasks and Responsibilities:

  • Establish a fully functional Security Operations Center (SOC) as part of the Service Delivery Enterprise Operations Support Center.

  • Mentor and lead a highly functional Security Operations team.

  • Ensure security monitoring, analysis and incident response for cybersecurity events in a highly available SOC protecting global Cloud customer data centers and environments.

  • Utilize and enhance the tools comprising our Security Information and Event Management (SIEM) system.

  • Investigate, document, and report on information security issues and emerging trends.

  • Maintain 24x7x365 comprehensive situational awareness of the customer cyber-threat landscape as it relates to security monitoring.

  • Deliver expert advice to stakeholders regarding the security status of customer environments.

  • Analyze and report on the cyber-threat intelligence situation regarding observed activity from security tools. 

  • Develop Security processes and procedures.

  • Contribute to the development and improvement of security monitoring and incident response processes.

  • Effectively communicate with all parties, especially stakeholders.

  • Possess knowledge of contractual obligations, services provided, and company policies and procedures.

  • Create a team environment and improve/sustain employee morale.

  • Collaborate effectively across multiple teams.

Required skills, abilities, and certifications:

  • Bachelor’s degree in Computer Science, Information Technology, or equivalent experience.

  • 5–6 years of related technical experience.

  • Experience using McAfee Enterprise, Nexpose, Darktrace, or similar security applications.

  • GCIH, CISM, or CISSP certification.

  • 4–5 years of experience providing security monitoring and incident response services.

  • Ability to act as an internal expert on matters relating to intrusion detection and incident response.

  • Experience as a Senior Security Analyst.

  • Experience leading a team.

  • Experience with Security Operations Center, network event analysis, and/or threat analysis.

  • Knowledge of various security methodologies and technical security solutions.

  • Experience analyzing data from cybersecurity monitoring tools.

  • Ability to analyze endpoint, network, and application logs.

  • Experience tuning and/or configuring SIEM and vulnerability tools.

  • Knowledge of common Internet protocols and applications.

  • Scripting experience in Linux or PowerShell preferred.

  • The ability to multitask and maintain a professional demeanor under pressure.

  • Foundational understanding of Information Technology Infrastructure Library (ITIL) principles.
