Key Responsibilities:
- Execute ongoing, operational business-as-usual (BAU) tasks to meet management-defined KPIs and SLAs, and deliver security projects in line with management-defined priorities and deadlines
- Stay current with the latest security news, threats, intelligence, tactics, techniques, and vulnerabilities. Research and analyze new threats and vulnerabilities to determine exposure.
- Perform threat hunting and review, triage, investigate and escalate security alerts raised by security tools, technologies, and services (e.g. endpoint security, network security, DLP, SIEM, reported phishing emails, etc.)
- Assist and/or lead efforts to isolate, contain, respond to, and recover from security incidents
- Identify, review, prioritize, plan, coordinate, and follow-up on the remediation of vulnerabilities
- Configure, customize, tune, manage, troubleshoot, and maintain security technologies, such as SIEM, endpoint security, secure web gateway, CASB, DLP, email security, intrusion detection/prevention systems, etc., to ensure their effective and efficient operation. This may also include scripting, automation, and orchestration across the various platforms
- Define, document, and follow approved processes for all the responsibilities included in this job description. Create and maintain documentation for systems, including design and operation
- Review systems, configurations, and processes to ensure and report on compliance with ION policy, client requirements, audit controls, regulations, and industry best practices. Provide best practice security recommendations to IT and other teams within ION, based on review results
- Respond to information security-related inquiries and requests.
Required Skills, Qualifications and Education:
- Degree/diploma/certifications in a technology-related field and/or relevant working experience; highly desired certifications include: PenTest+, Security+, OSCP, CCSP, CEH, GCIH, GMON or CISSP
- 7+ years' experience in information security with at least 3-5 years in a Security Operations Management role
- Must have a fundamental understanding of programming/scripting.
- The following general characteristics are required:
  - A team player with the ability to work independently and unsupervised.
  - Ability to own delegated tasks and see them through to completion
  - Ability to manage time and prioritize work to maximize productivity.
  - Excellent communication skills (both written and verbal)
  - Exceptional attention to detail and quality
  - Excellent problem-solving techniques and trouble analysis skills
- The candidate should have a good knowledge of:
  - Endpoint security concepts, controls, and best practices for workstation (e.g. Windows and Mac) and server (e.g. Windows and Linux) operating systems
  - General IT networking concepts, protocols, standards and network security concepts, controls, and best practices
  - Cryptography fundamentals and data security controls and best practices
  - Forensic investigation techniques
  - Security standards/best practices and frameworks
- Prior experience deploying, configuring, managing, and/or operating security technologies is preferred, such as endpoint security (e.g. AV/EPP/EDR), SIEM, DLP, SWG, CASB, UEBA, IDS, IPS, firewalls, IAM/PIM/PAM, vulnerability management, MDM, etc.