Description of Position:
We are looking for a Team Lead for our Security Operations Team. You will be focused on maintaining a secure Cloud presence supporting our customers around the globe. Your team of security and vulnerability analysts will focus on identifying, alerting on, investigating, responding to, and reporting on cyber threats.
As SOC Lead, you will provide oversight for the Security Operations Center, which provides real-time cybersecurity monitoring, event detection and triage, incident analysis, coordination and response, situational awareness, and implementation of cybersecurity countermeasures to maintain a secure cybersecurity and information assurance posture. Experience building a Security Operations Center and team from the ground up would be ideal.
Tasks and Responsibilities:
Establish a fully functional Security Operations Center (SOC) as part of the Service Delivery Enterprise Operations Support Center.
Mentor and lead a highly functional Security Operations team.
Ensure security monitoring, analysis and incident response for cybersecurity events in a highly available SOC protecting global Cloud customer data centers and environments.
Utilize and enhance the tools comprising our Security Information and Event Management (SIEM) system.
Investigate, document, and report on information security issues and emerging trends.
Maintain 24x7x365 comprehensive situational awareness of customer cyber-threat landscape as it relates to security monitoring.
Deliver expert advice to stakeholders regarding the security status of customer environments.
Analyze and report on cyber-threat intelligence as it relates to activity observed in the security tooling.
Develop security processes and procedures.
Contribute to the development and improvement of security monitoring and incident response processes.
Effectively communicate with all parties, especially stakeholders.
Possess knowledge of contractual obligations, services provided, company policies and procedures.
Create a team environment and improve/sustain employee morale.
Collaborate effectively across multiple teams.
Required skills, abilities, and certifications:
Bachelor’s degree in Computer Science, Information Technology, or equivalent experience.
5-6 years of related technical experience.
Experience using McAfee enterprise products, Nexpose, Darktrace, or similar security applications.
GCIH, CISM or CISSP certification.
4-5 years of experience providing security monitoring and incident response services.
Ability to act as an internal expert on matters relating to intrusion detection and incident response.
Experience as a Senior Security Analyst.
Experience leading a team.
Experience with Security Operations Center, network event analysis, and/or threat analysis.
Knowledge of various security methodologies and technical security solutions.
Experience analyzing data from cybersecurity monitoring tools.
Ability to analyze endpoint, network, and application logs.
Experience tuning and/or configuring SIEM and vulnerability management tools.
Knowledge of common Internet protocols and applications.
Scripting experience (Linux shell or PowerShell) preferred.
The ability to multitask and maintain a professional demeanor under pressure.
Foundational understanding of Information Technology Infrastructure Library (ITIL) principles.