The SOC Manager will plan, direct and control the functions and operations of the 24/7 Security Operations Center (SOC), monitoring and analyzing security incidents to protect client information and assets from unauthorized access, misuse, modification or destruction. The SOC Manager will develop and maintain an incident response program that addresses all security incidents and ensures timely escalation to the appropriate personnel and/or 3rd parties. The SOC Manager is also responsible for compliance with all processes and procedures, interactions and escalations.
Principal duties and responsibilities
- Direct the functions, processes, and operations of the SOC and ensure policies and procedures are followed.
- Lead the operations of the SOC to ensure optimal identification / resolution of security incidents and enhance client security.
- Manage the collection, documentation and research of security incidents received via the SOC.
- Monitor key performance indicators, determine gaps in performance metrics, and recommend / execute change management processes for efficiency and quality improvements.
- Develop and maintain an incident response management program that includes incident detection, analysis, containment, eradication, recovery and chain of evidence / forensic artifacts required for additional investigations.
- Develop appropriate response strategies based on intelligence received.
- Oversee the monitoring, identification and resolution of security incidents to detect threats through analysis, investigations and prioritization of incidents based on risk / exposure.
- Develop, maintain and submit SOC compliance reports.
- Analyze application functionality and new technologies to optimize effective / efficient incident review by staff and minimize client risk.
- Conduct scheduled and ad hoc training exercises to ensure staff are current with the latest threats and incident response techniques.
- Oversee and develop strategies to identify, detect, and prevent fraudulent activity.
- Provide direction, leadership and management of SOC personnel.
- Establish performance goals and priorities.
- Administer performance reviews for SOC personnel.
- BS / BA degree or equivalent combination of related work experience desired.
- 5+ years’ experience in cyber security incident response, SOC and / or attack analysis in a mission critical environment.
- 3+ years’ experience in a SOC leadership role.
- Advanced knowledge of best practice standards and procedures regarding information systems applications security, data security, and infrastructure security.
- Expertise and experience in security operational services: unified threat management (IDS/IPS, web filtering, etc.), anti-virus, SIEM, DDoS / DoS, threat and vulnerability management, cyber investigations, and cyber security forensic investigations.
- Knowledge of various operating systems (Windows, Linux, VMware, OS X).
- Hands on technical experience in analyzing TCP/IP traffic, especially HTTP(S), TLS, and DNS traffic.
- Hands on technical experience reading and understanding scripts, with basic knowledge of different languages including JS, PHP, HTML, HTML5.
- Self-motivated with a keen attention to detail and excellent judgement skills.
- Must have excellent writing and communication skills; a strong communicator with the ability to maintain open communication with internal employees, contractors, managers, 3rd parties and customers.
- Ability to prioritize and drive to results with a high emphasis on quality.
- Desirable certifications include: CISM, Security+, CEH, GCIA, GCIH or similar.
Knowledge and Skills Preferred
- Excellent documentation and technical writing skills.
- Excellent analytical and problem solving skills.
- Superior customer service skills.
- Strong time management and multitasking skills.
- FLSA: Exempt
- Medical Insurance
- Dental Insurance
- Vision Insurance
- $50,000 Life Insurance
- Unlimited use bus/light rail passes
- Free lunch on weekdays (5 full-time chefs)
- Paid Time Off
- Discounted gym membership
- Company sponsored outings