SOC Manager

The Pegasus Agency - New York, NY

SOC Manager

The Security Operations Centre (SOC) Manager will plan, direct and control the SOC functions and operations. Ensure the monitoring and analysis of incidents to protect People, Technology and Process addressing all security incidents and ensuring timely escalation. Direct the Cyber Intelligence capability to identify potential threats delivering strategic reports and strategies to minimize the impact of the threat. The Security Operations Center Manager provides direction to both the senior and non-senior analysts as well as a liaison to the Security Engineering teams and other departments within the company.

Responsibilities:

  • Leading and managing the Security Operations and team of security operational staff members.
  • Directing security event monitoring, management and response and cyber intelligence.
  • Ensuring incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
  • Ensuring compliance to policy, process, and procedure adherence and process improvisation to achieve operational objectives.
  • Revising and developing processes to strengthen the security operations framework, review policies, and highlight the challenges in managing Service Level Agreements (SLA).
  • Ensure customer Service Level Agreements are consistently met or exceeded and identify areas of improvement.
  • Overseeing technical delivery, assessing and continually improving output, and ensuring processes are developed and adhered to in order to drive operational excellence.
  • Managing staffing, including recruitment, supervision, scheduling, development, evaluation, and disciplinary actions.
  • Developing and maintaining an educational environment where the knowledge and performance of the group is constantly advancing.
  • Developing and mentoring staff through open communication, coaching, and annual appraisals.
  • Training and developing staff skillset through a training program, partner relationships, internal and third party training opportunities, and performance management processes.
  • Building and maintaining employee morale and motivation.
  • Performing regular one on one meetings with IR team members.
  • Ensuring daily management, administration & maintenance of security devices to achieve operational effectiveness.
  • Ensuring threat management, threat modeling, identify threat vectors and developing use cases for security monitoring.
  • Creating reports, dashboards, metrics for SOC operations.
  • Other duties as assigned.

Requirements

  • In-depth familiarity with security policies based on industry standards and best practices
  • Working knowledge of SIEM technologies, like Splunk ES, McAfee ESM, specific certification
  • Experience in designing and building security and/or network operations centers
  • Incident management process development and/or incident management experience
  • 5+ years working within the information security field, with emphasis on security operations, incident management, intrusion detection and security event analysis
  • Experience with security device installations, configuration and troubleshooting (e. g., firewall, IDS, etc.)
  • Ability to lead and communicate efficiently within a team environment
  • Great customer service skills
  • Advanced technical writing skills

Preferred Background:

  • One or more security-related certifications: (CISSP) Certified Information Security Manager, (CISM) Certified Information Systems Auditor, (CISA) NIST Cybersecurity Framework, (NCSF) Certified Cloud Security Professional.
  • A valid passport.
  • Bachelor of Information Technology, Computer Science, Computer Engineering, Cybersecurity, Communications, Business or other related fields of study.
  • Demonstrates a personal interest in cybersecurity outside work hours.
  • Experience in an MSSP environment or performing similar duties.
  • Experience with deploying, maintaining, or using one or more of the following Security Solutions: SIEM, SOAR, Network IDS/IPS, Host IDS/IPS, Network Firewall, Host Firewall, Web Application Firewall, EDR, AV, DLP, Identity & Access Management, Web Proxy, Email Security
  • Experienced in reviewing event logs.
  • Broad knowledge of security best practices, security solutions, and methodologies.

Benefits:

  • 401K with 4% match after six months on the job.
  • Partial telephone or Internet reimbursement.
  • Health insurance with one or more care providers to select from (including dental & vision).
  • Performance-based individual and group annual bonuses.
  • Continuing professional education

 



Posted On: Wednesday, March 3, 2021



Apply to this job