SOC Manager

Posted: March 16, 2023, 6:06 a.m. - Full Time - Ahmedabad

JD - SOC Manager

Role Purpose

As a Security Operations Manager you will oversee key staff working to identify and safeguard the organization from intrusion, security threats and overall security weaknesses. The role is responsible for both the staff and the management processes that keep the organization secure.

This is a senior role which will involve strategic decision-making, overseeing the design, implementation and/or change of Finesse IT Security Operations solutions, including overall adoption and testing of new processes/procedures which improve the security and robustness of monitoring, detection, and response capabilities within the technology infrastructure and associated IT systems.

The role not only covers day-to-day security operations within a 1st line Security Operations Centre (SOC) environment; it will also be involved in constructing the cyber security strategic vision and ensuring adherence to any necessary protocols, policies, regulations or legal requirements.

Key responsibilities / accountabilities:

• The Security Operations Centre (SOC) Manager will plan, direct and control the SOC functions and operations.

• Responsible for the SOC strategy, including the 1st Line SOC strategy within IT.

• Creating, leading and managing the 1st Line Security Operations team, which comprises the security operational staff members.

• Primarily responsible for directing security event monitoring, management and response, and cyber intelligence.

• Ensuring incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.

• Ensuring compliance with policy, process and procedures, with the ability and aptitude to improve on existing processes to achieve operational objectives as governed by cyber risk management.

• Minimum 8+ years' experience in a SOC, including at least 2 years in a leadership role; SIEM experience required, QRadar preferred.

• Ensuring the monitoring and analysis of incidents to protect people, technology and process, addressing all security incidents and ensuring escalations follow internal policies.

• Identifying potential threats and delivering strategic reports and strategies to minimise the impact of those threats.

• Revising and developing processes to strengthen the current Security Operations Framework, reviewing policies and highlighting the challenges in managing SLAs.

• Responsible for the overall use of resources and the initiation of corrective action where required for the Security Operations Centre.

• Ensuring daily management, administration and maintenance of security devices to achieve operational effectiveness.

• Creating reports, dashboards and metrics for SOC operations and presenting them to Senior Management.

• Involvement in arranging staff training in security awareness skills and coaching a positive security culture, including driving continuous improvement and addressing non-compliance constructively to achieve good business outcomes.

• Compliance with internal policies and relevant legislation / standards, such as the Data Protection Act and ISO standards.

• Monitoring alerting tools and handling escalated incidents from the Helpdesk, Physical Security, the Network Team and customers.

Qualifications/Requirements:

Qualified to first degree level, or equivalent, in a relevant discipline such as Computer Science, IT or a cyber-security related field.

Minimum: IT Diploma holder or equivalent.

Ability to work in rotating shifts and also be on-call outside of shift hours on a regular and recurring basis.

Possess personal and professional integrity. Individuals will be required to submit to a background check.

Good oral and written communication skills.

Possess desire to solve problems logically.

Desired Characteristics:

Ability to perform logical problem solving.

Possess basic understanding of enterprise grade technologies including operating systems, databases and web applications.

Ability to read and understand basic system data including security event logs, system logs, application logs, and network traffic.

Demonstrate understanding of basic internet traffic concepts (e.g. DNS, HTTPS, HTTP).

Network infrastructure knowledge (e.g. router, switch, firewall).

Security best practices for operating systems such as Microsoft Windows or Red Hat.

Experience of working in high performing teams and an understanding of the dynamics of teamwork in a SOC environment.

Experience & Skills:

8+ years in a SOC, including at least 2 years of leadership experience, obtained across a variety of IT security related roles.

Broad range of experience in managing and delivering security solutions

Demonstrable experience in managing information security operations or incident response activities within a highly complex organization with global stakeholders.

Wide range of security understanding across differing technology platforms.

In-depth understanding of security principles and methodologies.

Knowledge of relevant IT security related hardware, software and vendor solutions.

Good knowledge and experience of Vulnerability Management.

Previous experience in SOC, Incident Handling and Security Monitoring.