Cyber Security Manager

The Manager, SOC reports to the Director, SOC and is responsible for overseeing a team of Security Analysts and for monitoring and analyzing security events and alerts using advanced security information and event management tools. The Manager, SOC supports the Security Operations team by serving as a point of contact to leadership, facilitating communication throughout the team, training and developing crucial skills with new team members, and monitoring team performance and improvement. This role identifies potential threats and initiates incident response procedures to mitigate risks and protect the organization’s systems and data. In addition, this role triages and reviews security ticket details, ensuring efficient handling by the appropriate personnel.

Key Responsibilities/ Duties:

• Serve as the point of contact and provides leadership to the team, coordinating and delegating tasks, setting goals, and establishing priorities.
• Facilitate open and transparent communication among team members, stakeholders, and other relevant parties.
• Monitor security events and alerts using advanced security information and event management tools, analyzing potential threats, and initiating incident response procedures.
• Review and triage security ticket details to ensure issues are handled efficiently by the proper personnel.
• Notify customer of all incoming tickets and any issues that will prevent workflow.
• Handle all customer requests including security configurations, reporting requests, investigations, and all error/issue identification.
• Troubleshoot product issues.
• Escalate tickets to upper management as necessary.
• Understand NIST standards, ISO compliance standards, government standards, how those standards impact business operations, and what organizations must do to meet those requirements.
• Execute products deployments and customer onboarding which includes configuring new products, scheduling and conducting necessary maintenance and upgrades, and provide ongoing product support.
• Provide support for the log management and security information and event management (SIEM) solutions.
• Ensure authorized access by investigating improper access, revoking access, reporting violations, and monitoring information requests.
• Provide installation, maintenance, upgrades, and troubleshooting of security applications and appliances across all functional departments.
• Perform other duties as assigned including work in other areas to cover absences or relief to equalize peak work periods or otherwise balance the workload.

Knowledge, Skills, Abilities, and Behaviors:

• Strong interpersonal skills and team-oriented attitude.
• Coachable and able to turn feedback into results moving forward.
• Strong desire to be in the security industry.
• Superior analytical and critical thinking skills.
• Understanding of how information travels.
• Familiar with incident response language.
• Well-rounded technical knowledge in Windows, Mac, Linux OS.
• Superior organization, facilitation, and leadership skills.
• Strong knowledge of current security threats, techniques, and landscape, and a dedicated and self-driven desire to research and learn more about the information security landscape.
• Review and triage experience with endpoint detection and response tools.
• Experience and knowledge related to the configuration and maintenance of security monitoring and reporting platforms.
• Familiar with proxy and web content filtering tools.
• Knowledge of a range of compliance, regulatory, and legal requirements and relevant principles, best practices, and standards across multiple industries (e.g., PCI, SOX, GLBA, CSA, PCI, NIST, ISO, IEEE, FedRAMP, HIPAA, and TCG)
• Knowledge of the MITRE att&ck framework and cyber kill chains.

Education/ Experience:

• 10 years of security industry experience or equivalent skill level.
• 1-2 years of management experience.
• Bachelor’s degree in a relevant field is a plus but not required.
• Advanced understanding of policy and compliance.
• Advanced knowledge of scripting languages such as bash, powershell, python, KQL.
• Advanced experience securing an environment/incident response.
• Experience with system administration and network infrastructure is required.
• Experience with DNS and Active Directory.

Certifications:

• CISSP
• OSCP, CCSP, CASP preferred.

Physical Demands:

Sedentary Work – Exerts up to 10 pounds of force occasionally, a negligible amount of force frequently, and/or constantly having to lift, carry, push, pull or otherwise move objects, including the human body. Sedentary work involves sitting most of the time.

Disclaimer:

The above information in this description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.