Roles and Responsibilities:
The Security Operations Manager is responsible for leading the day-to-day operations of the SOC Analyst staff. The role coordinates and works with the SOC Analysts to make sure that the analysts, processes, and technology are meeting the SOC security monitoring, analysis, and escalation objectives, organization service level agreements, objectives, and metrics. They are also responsible for communicating with the executive level management team (when deemed necessary) and serving as the principle liaison coordinating incident response functions.
Required Technical skills:
- Minimum 7 years Security leadership, with experience building long-term career development plans for team members at all levels.
- Exceptional operational rigor with extensive real-world experience in ITIL methodologies and frameworks for IT operations.
- Experience in designing, implementing and measuring relevant security and technology management critical success factors, key performance indicators, and metrics .
- Ability to create shift schedules to ensure 24x7 coverage by support personnel .
- In-depth knowledge of modern security concepts and how to apply the Advanced scripting knowledge with languages like PowerShell, bash/ksh/sh, Cisco IOS.sh, JunOS sh/csh, Perl, Tcl, Lua.
- Familiarity with Azure Sentinel.
- Familiarity with common network vulnerability/penetration testing tools including, but not limited to, Metasploit, vulnerability scanners, Kali Linux, and Nmap.
- 4-6 year's experience with SIEM tools (Sentinel, Splunk, Logrhythm, etc.).
- Familiarity with common IDS/IPS and Firewalls (Snort, Cisco, Fortigate, Sourcefire).
- Knowledge of Windows, Unix-based systems, architectures, and network security devices
- Intermediate level of knowledge of LAN and WAN technologies.
- Knowledge of networking protocols and security implications.
- 4-6 year's experience with Incident Response activities .
- Experience with packet analysis and packet capture tools.
- Expert knowledge of security best practices and concepts.
Qualifications:
- Masters or Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or a related field; or an equivalent experience in lieu of degree.
- Demonstrated understanding of Information Security and Networking required.
- Demonstrated technical knowledge of current network security, network hardware, protocols, and standards required.
- Proven ability to diagnose and troubleshoot technical issues required.
- Proven ability to make decisions and perform complex problem-solving activities under pressure.
- Previous management and project leadership experience required.
- Demonstrated strong oral and written communication and client facing skills.
- Flexibility to adapt to different types of engagement, working hours, work environments, and locations.
- Proven ability to work creatively, analytically in a problem-solving environment.
Desired Certifications:
Security+, C|EH, Network+, Certified Information Systems Manager (CISM), Certified Information Systems Security Professional (CISSP), GIAC Certified Intrusion Analyst, GIAC Certified Incident Handler, or GIAC Reverse Engineering Malware.
