The SOC Manager will be responsible for ensuring the SOC team defends against security breaches and actively isolates and mitigates security risks. The Security Operations Centre Manager will be responsible for leading how the SOC team identifies, analyses and reacts to cyber security threats using a reliable set of processes and security technologies. The SOC Manager will manage the activities of the SOC team, including security incident and event handling and incident response operational processes. The SOC Manager will have planning capabilities, coach SOC staff on technical issues and verify that they follow Nexio policies to ensure all services within the Security Operations Centre are functioning optimally. He/She must establish and maintain metrics that help provide a high level of productivity, supportability and operational readiness, while also participating in project planning activities such as infrastructure enhancements and change management controls.
The SOC Manager will supervise the SOC team, provide technical guidance, manage standard operating procedures, manage SLAs, manage customer satisfaction, and handle SOC team hiring, training and coaching. Additional responsibilities include creating processes, assessing incident reports, and developing and implementing crisis communication plans. He/She will create compliance reports, support the audit process, measure SOC performance metrics, and report on security operations to customer executive stakeholders.
Provides SOC leadership to customers' executive stakeholders and/or professional staff.
Provides technical guidance to SOC Teams.
Gives regular, comprehensive and constructive feedback to team and conducts their performance appraisals.
Proactively seeks feedback from team members and deals constructively with any criticism.
Adjusts management style to get the best from the individuals within the team.
Delegates work to team members taking into account their capacity, level of skill and exposure to different types of work and complexity; provides clear instructions and direction, with reasonable deadlines.
Responsible for day to day cyber security operations management and cyber intelligence monitoring and threat analysis.
Manage threat hunting and security monitoring staff and activities.
Oversee defined incident response plans, workflows, and standard operating procedures (SOPs) for Security Operations.
Coordinates response, triage and escalation of security events affecting the company’s information assets and activities with the Incident Response team.
Act as the escalation point for all security incidents that require attention and timely responses.
Coordinate response, triage and escalation of security events affecting customers’ information assets and activities with the Cyber Incident Response team.
Produce dashboards, reporting and actionable metrics, including KPIs, monthly reports, threat advisories and tailored metrics specific to incident response and threat monitoring efforts.
Oversee and assist with the development of operational runbooks to improve the efficiency of the cyber security team's detection and response capabilities.
Facilitate the creation of reports, dashboards, metrics for cyber security operations and presentation to senior management.
Coordinate with stakeholders, and build and maintain positive working relationships between the various service towers of the business and customers.
Provide leadership and support during high severity security incidents and investigations.
Optimize the processes to respond to and investigate detected attacks.
Performs all aspects of employee development, working to ensure cyber talent growth and retention.
Mentor and train new personnel.
Develops and maintains employee development plans.
Develop and assess KPIs for each team member.
Responsible for ensuring spending is within budget allocation.
Lead the development and implementation of a SOC that monitors security events for anomalies and detects security incidents.
Guide the incident response and disaster recovery team in the development, testing and maintenance of incident response plans.
Design, coordinate and oversee monitoring capabilities to verify the security of systems, networks, databases, user behaviour, file integrity, and cloud environments, and manage the remediation of identified risks and vulnerabilities.
Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements.
Act as the most senior incident escalation point for the team. This role will ensure steady-state operations are optimally configured and running 24/7/365.
Utilize key performance indicators to track analyst workloads as well as the efficiency of detection signatures/rules and associated monitoring technologies.
Identify potential process improvement projects and serve as a change agent through IT.
Support the design and implementation of procedures and controls necessary to ensure and protect the safety and security of all information systems assets, including prevention of intentional or inadvertent access, modification, disclosure, or destruction.
Provide subject matter expertise and counsel to management regarding vendors, technologies, and special projects.
Support the preparation of appropriate reports and communicate status and results.
Individuals at this level have fully developed knowledge of the business, marketplace and clients, and are recognized as experts in their own area within the organization, with a special focus and emphasis on SOC or Advanced Cyber Defence Centre operations.
Interprets internal or external business issues and recommends best practices. Provides technical guidance to more junior levels of staff.
Able to build strong interpersonal relationships with key customer stakeholders.
Excellent verbal and written communication skills.
Able to align multiple strategies and ideas.
Confident in producing and presenting work.
In-depth understanding of the industry.
Working technical knowledge of SOC tools and SIEM technologies (e.g., Azure Sentinel, QRadar, ArcSight).
QUALIFICATIONS & EXPERIENCE
BSc / BTech / Comps / BEng or equivalent IT Security Diploma.
Additionally, one or more certifications in the following information security domains.
At least 3 to 5 years of SOC management experience in an established SOC.
Application Submission Details:
Please include the below documentation in your application: