Cybersecurity Security Operations Center Manager

The Cybersecurity Security Operations Center (CSOC) Manager's core function is to provide leadership and oversee the administration of the CSOC, including security engineers and security analysts. The CSOC is responsible for monitoring and alerting on cybersecurity events, ensuring the maintenance of the current and future technologies, and continually analyzing threat data to find ways to improve the organization's security posture. This position requires both the ability to tactically focus on immediate threats at hand as identified in alerts and intelligence as well as strategically remain focused on Initiatives tasked by senior leadership. Candidates must be highly analytical, technically competent, and have an ability to provide focus and calm during incident response scenarios. The ability to lead groups or move forward initiatives is essential. In addition, the ability to plan for future team needs requires staying informed of current events in technology platforms and the Cybersecurity industry.

Operational Management

• Manage team employees reporting directly to you. Responsibilities include preparing midyear and annual staff evaluations and addressing both opportunities for growth (such as promotions) or improvement (such as employee performance improvement plans) as performances warrant.
• Manage the on-call rotation and time off for the SOC
• Providing regular training sessions and mentorship opportunities to facilitate knowledge-sharing within the team.
• Hiring new staff members or contracting outside services to supplement your team's capabilities when needed.
• Responsible for vendor management - existing and future contractual relationships with technology and service providers. This includes working to address support issues, contract renewals / discrepancies, bi-weekly meetings, Quarterly Business Reviews, etc.
• Track tool performance / utilization to measure return on investment and support future evaluation / rationalization needs.
• Responsible for identifying tool / service evaluation opportunities. Working closely with the Security Threat Architect.
• Responsible for day-to-day CSOC budget management
• Lead your team and communicate with management during incident response (IR) to ensure timely notification and containment occur. Responsibilities include ensuring communicating, documenting IR progress, and following through with post-mortem reviews.
• Ensure CSOC meets regulatory compliance of both internal and external auditors by adherence to policies and procedures. Ensure version control of SOC alerts as well as least privilege access to logs and investigation data.
• Ensure synchronization and collaboration between the CSOC and Cyber Threat Intelligence team.
• Work with other departments to identify the root causes of security incidents and develop strategies to mitigate these risks.

Strategy & Planning

Acquisition & Deployment

Incidental Functions

This position is not eligible for sponsorship for work authorization now or in the future, including conversion to H1-B visa.

Job duties include contact with other employees and access confidential and proprietary information and / or other items of value, and such access may be supervised or unsupervised. The Company therefore has determined that a review of criminal history is necessary to protect the business and its operations and reputation and is necessary to protect the safety of the Company's staff, employees, and business relationships.

Formal Education & Certification

Knowledge & Experience

Preferred Experience

Personal Attributes