Greetings from TechGinia Inc.!
We have an open position for SOC Manager for the location Norwalk, CT. If you have any consultant available for this role, kindly send me their resume.
Position: SOC Manager (Only USC/GC)
Location: Norwalk, CT
Job type: C2C
Job Description:
The SOC Manager will plan, direct and control the functions and operations of the 24/7 Shared Security Operations Center (SOC) catering to multiple customer. To monitor and analyse security incidents to protect client information and assets from unauthorized access, misuse, modification or destruction. Develop and maintain an incident response program to address all security incidents and ensure timely escalation to appropriate business units for validation/investigation. To ensure adherence to regulatory compliance, federal and state laws governing information security, customer identification program, personal identifiable information and assets. Monitor all intelligence sources to identify potential threats/compromises which may target the client and develop proactive strategies to minimize the impact of these threats.
Roles & Responsibilities:
- Lead and manage Security Operations Centre
- Primarily responsible for security event monitoring, management and response
- Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
- Responsible for security analysis, triage and escalation procedures, workflows and tasks
- Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives
- Ensure that Service Level Agreements are defined, tracked and met across all SOC & MSSP customers
- Define, revise and develop processes to strengthen the Security Operations Framework, policies and managing SLAs
- Ensure that Standard Operating Procedures are created and followed by the team
- Responsible for team management, overall use of resources and initiation of corrective action where required for Security Operations Centre
- Management, administration & maintenance of security devices (e.g. Network Security, Data Security, email security, endpoint security, etc.) under the purview of Remote Security Device Management
- Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring & remediation
- Responsible for integration of standard and non-standard assets in core SOC platform(s)
- Creation of reports, dashboards, metrics for SOC operations and presentation to senior management and C-levels.
- Co-ordination with stakeholders, build and maintain positive working relationships with customers
- Maintain awareness of trends in security regulatory, technology, and operational requirements
- Mentor and guide different level of SOC Analysts and perform knowledge transfer to other teams as required
- Evaluate existing rules, filters, events and use cases within SOC platform and adapt to meet the business requirements
- Create shift schedules to ensure 24x7 coverage by support personnel
- Exceptional operational rigor with extensive real-world experience in ITIL methodologies and frameworks for IT operations.
Qualification
- 10+ years of experience in Cybersecurity and 3+ years managing/leading a Security Operations Centre
- In-depth familiarity with security policies based on industry standards and best practices
- Thorough knowledge of SIEM technologies, like Splunk/ArcSight/QRadar/Securonix /Exabeam/etc.
- Experience in designing, building and running security operations centres
- Incident management process development
- Experience with security device installations, configuration and troubleshooting (e. g., firewall, IDS, DLP, email security, etc.)
- Ability to lead and communicate efficiently within a team environment
- Demonstrated technical knowledge of current network security, network hardware, protocols, and standards required.
- Ability to create shift schedules to ensure 24x7 coverage by support personnel
- Proficiency with case management and ticketing systems
Desired Experience/Qualifications:
- Bachelor s Degree
- Professional certifications such as GIAC/GCIH/CISSP
- Strong Knowledge of: End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP)
Thanks
Sameer Kumar
TechGinia Inc.
Hangouts: sam.techginia@gmail.com
If you wish to unsubscribe from our newsletter, click here
No comments:
Post a Comment
Thanks
Gigagiglet
gigagiglet.blogspot.com