COMPANY: RESOURCE SOLUTIONS
JOB TYPE: Permanent, Full Time
Security Operations Manager
The SOC Manager will be responsible for the day-to-day operations of the Security Operations team. The successful candidate will develop and lead a high-performing Security Operations and Cyber Security Incident Response. This role will report directly to the Head of Security Operations, ensure the successful delivery of the managed service providers leveraged to run SIEM platforms, and ensure the Cyber Incident Response L2 service meets its control obligations and SLAs. They will also play a key role in ensuring Security Operations delivers against its Strategic Objectives over the next 12 months.
The role scope:
- Manages the SOC team: understands their roles and ensures maximum efficiency in resource deployment (e.g. Level 1, 2, 3 Analysts)
- Vendor liaison on SIEM technology/platforms
- Oversight of security event monitoring, management and response
- Ensures incident identification, assessment, quantification, reporting, communication, mitigation and monitoring are at professional standards
- Ensure process adherence and improvisation to achieve operational objectives
- Revise and develop processes to strengthen the current SOC frameworks and processes
- Oversight of threat management, threat modelling, identification of threat vectors and development of use cases for security monitoring - reported to by Level 3 & Threat Hunters
- Preparation of reports, dashboards & metrics for SOC operations and presentations to senior management
The role requires:
- Strong operational delivery capability, internally and via 3rd party providers
- Proven leadership skills to provide vision and directions in order to develop best in class Security Operations capability
- Significant collaboration and stakeholder management across the organisation
- This is an exciting opportunity to join a business undergoing significant change, take a key role in a business-critical function and work closely on a large-scale, multi-million pound security transformation programme in order to develop a high-performing Security Operations function
Security Operations Centre (SOC)
- Oversee the outsourced suppliers and internal teams delivering the hybrid SOC and develop processes to ensure continuous improvement of SOC capabilities.
- Drive rigour and discipline to ensure services are delivered in a timely manner that limits impact to the business. This includes establishing, monitoring and evaluating service metrics.
Detection & Response
- Ensure cyber security incidents are identified, managed and responded to in a timely manner that limits impact to the business.
- Act as the focal point of contact for cyber security incident escalations to coordinate investigation and remediation activities where required, and communicate findings to the wider business and stakeholders
- Ensure the SOC has sufficient visibility and technology to detect cyber security threats across all technologies, applications and infrastructure
Experience / Capabilities statements:
The candidate should have a proven track record of:
- Leading operational capability delivering services in a large corporate environment
- Supporting delivery of projects or strategic initiatives.
- Working in cross-functional teams
- Demonstrating strong leadership skills and an ability to build relationships across a wider business.
- Influencing a wide range of internal and external stakeholders.
- Delivering persuasive messages with excellent written and verbal communication skills.
- Managing cyber security incidents and effectively working under pressure.
The candidate should also have significant experience and understanding of cyber security, preferably including:
- Designing and building SOCs.
- Using cyber security frameworks.
- Working within threat and vulnerability management and detection and response functions.
- Automation and orchestration across the threat event landscape
- Knowledge of SIEM, EDR, IDS/IPS, Azure, NIST & ITIL