SOC Team Lead

The Security Operations Centre (SOC) Team Lead is responsible for managing and developing Infotrust's SOC capability to meet Infotrust's business objectives and deliver on Infotrust's contracted services. The SOC Team Lead is a senior member of Infotrust's managed services and works with senior internal stakeholders such as the Global SOC Team Lead, the Advanced Threat Response Unit Lead, relevant technical Principals and Service Delivery Managers to ensure the SOC delivers on Infotrust's contractual obligations and does so optimally and with efficacy.

In addition, the SOC Team Lead is a technical lead and mentor for the SOC in security operations, incident response, vulnerability management, use of threat intelligence and SOC operational process and procedures. When required, the SOC Team Lead will need to be able to represent the SOC and SOC delivered services to Infotrust clients and be able to speak to matters relating to service performance, maturity, and general cyber security issues.

The SOC Team Lead is responsible for leading and managing the Manila based SOC analyst team. The SOC Team Lead drives the continuous improvement of Infotrust's SOC delivered services, ensuring an optimal standard of platform and Standard Operating Procedure (SOP) development.

Responsibilities

v Lead the Security Operations Centre (SOC) in Manila, including mentoring staff, maintenance of the Infotrust asset inventory, capacity monitoring and reporting, and roster updates.

v Day to day leadership and development of the SOC team, including coaching, development plans, individual training, and collective training outcomes.

v Develop and maintain industry leading capability in services delivered by the SOC (for Infotrust and clients), including but not limited to security event management, incident response and security operations.

v Drive operational readiness through planning for and participating in assessments, exercises and rehearsals.

v Maintain and deliver on Service Level Agreements, Standard Operating Procedures (SOPs) and instructions.

v Ensure an industry best practice for client reporting generated by the SOC, including insights and recommendations.

Key Competencies & Experience

Technical Knowledge

v 8-10 years within information security, including analyst or engineering roles.

v In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors and various types of security controls.

v Knowledge of various operating systems including Windows, Linux and Mac.

v Working knowledge of network and endpoint security, countermeasures, sensors and products.

v Working knowledge of security event log analysis and incident handling.

v Working knowledge in SIEM queries and integrations.

v Working knowledge and experience with ITSM tools.

v Enterprise system administration experience is advantageous.