Schedule type: Full Time
Employment type: Permanent
As we continue to grow our Managed Security services, we are now looking to bring an experienced SOC Manager to lead the growing team and help build our next generation SOC.
As a SOC Manager, you will be responsible and accountable for the security of both Secon’s managed customers and our internal systems. You will also be responsible for maintaining our proprietary Managed Detection and Response (MDR) platform (ConnectProtect).
Roles and responsibilities:
- Build, lead and manage Secon Cyber’s Security Operations Centre team
- Ensure incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring
- Ensure compliance to SLA, process adherence, and process improvisation to achieve operational objectives
- Responsible for team and vendor management, overall use of resources, and initiation of corrective action where required for the SOC
- Understand security incidents and the likely impact these will have on business networks and in turn their business operations
- Act as an escalation point for the Security Engineers in the event of a major security incident
- Implement and maintain cyber response playbooks for key security incident scenarios
- Create and maintain procedural documentation
- Create reports, dashboards, and metrics for SOC operations and present them to practice leads and executive leadership
- Summarise events/incidents effectively to different constituencies such as legal counsel, executive management, and technical staff, both in written and verbal forms
- Manage the chain of custody for all evidence collected during incidents and security investigations
- Review and evaluate the work of subordinate staff and prepare performance reports
- Ensure shift patterns and schedules cover 24×7 operations
- Maintain all SIEM rules
- Inspect, validate, and maintain threat intelligence sources
- Create new solutions or procedures to enhance the team’s functions
Skills and experience:
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
- Up to date with the latest developing trends in cyber-attack techniques, the cyber kill chain, and effective compensating mitigation and detection controls
- Understanding of the underlying protocols and data used as the basis for the security monitoring service, including: HTTP, HTTPS, SQL, TCP/IP, Active Directory
- Knowledge and experience working with security tools used to monitor business environments (SIEM, NetFlow, IDS/IPS, vulnerability management, advanced malware detection, EDR, antivirus, etc.)
- Knowledge and understanding of up-to-date security threats and common exploits
- Knowledge and understanding of several operating systems, such as Windows and Linux distributions
- Knowledge and understanding of physical appliances (firewall, web or mail proxy)
- Knowledge and understanding of tools used for penetration testing
- Experience in security device management, SIEM and security tools
- Experience in multiple vendor product behaviour and logging, such as Microsoft, Sophos, Trend Micro, Check Point, Forcepoint, Cisco, etc.
- Experience in endpoint, messaging, and gateway solutions and protocols
- Proficient in incident management and response
- Experience in threat management
- Proficient in preparation of reports, dashboards, and documentation
- Excellent verbal and written communication skills
- Leadership skills in managing a team remotely
- Some experience in malware analysis (static or dynamic)
- Understanding of change management
- Proficient in several programming languages such as Bash, Python, PowerShell, VBScript
- Familiarity with Azure Sentinel and Kusto Query Language (KQL)
- Commitment, integrity, and passion are essential for this role to help drive the success of Secon
- Be a key team player and assist where needed for the success of Secon
- Strong work ethic and motivation, with a demonstrated ability to develop and grow relationships
- Ability to handle high pressure situations
Minimum qualifications/technical and educational requirements:
- A bachelor’s degree or equivalent work experience is required
- 5+ years of leadership/management experience
- 10+ years of relevant experience in the field
- MSSP SOC leadership/management experience
- One or more cyber security certifications: CEH, CISSP, GCIH, GSEC, GCIA, GMON, or equivalent
- Demonstrated experience managing and ensuring the timely response to, and investigation of, security events and incidents
- Experience implementing and adhering to various control frameworks and regulatory compliance programmes, particularly NIST, NCSC, and PCI
Secon is an equal opportunities employer. To apply, click ‘Apply now’ or send your CV to [email protected].