
SOC (Security Operations Center) Manager

JFR Staffing

Eatontown, NJ
Paid
  • Responsibilities

    Location: Eatontown, NJ

    The SOC Manager will plan, direct and control the functions and operations of the 24x7x365 Security Operations Center (SOC). The SOC Manager will develop and maintain an incident response program to address all security incidents and ensure timely escalation to appropriate business units for validation/investigation. The SOC Manager will also monitor all intelligence sources to identify potential threats/compromises which may target the client and develop proactive strategies to minimize the impact of these threats.

    ESSENTIAL DUTIES AND RESPONSIBILITIES (may include the following; other duties may be assigned):

    • Lead staff to proactively identify, prevent and respond to security incidents.
    • Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
    • Ensure compliance with Service Level Agreements (SLAs), process adherence and process improvement to achieve operational objectives and mitigate threats.
    • Ensure adherence to regulatory compliance and to federal and state laws governing information security, the customer identification program, personally identifiable information and assets.
    • Monitor and analyze security incidents to protect client information and assets from unauthorized access, misuse, modification or destruction.
    • Revise and develop processes to strengthen the current operational activities; review policies and recommend changes to improve governance.
    • Responsible for team management, personnel scheduling, overall use of resources and initiation of corrective action where required for Security Operations Center.
    • Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring.
    • Responsible for integration of standard and non-standard logs into the SIEM (Security Information and Event Management) platform.
    • Lead in developing and testing use cases for monitoring and alerts.
    • Lead technical meetings and workgroup sessions with relevant SMEs (Subject Matter Experts).
    • Research and assess the SIEM tool capabilities and functionality of new or existing cloud platforms and perform gap and/or integration analysis as needed.
    • Recommend specific tools and processes to maximize security monitoring and response capability.
    • Creation of reports, dashboards, metrics for SOC operations and presentations to clients.
    • Coordinate with stakeholders to build and maintain positive working relationships; this includes subordinate SOCs supporting the organization.
    • Maintain detailed notes within Operational Management systems on all security issue resolution activities
    • Maintain customer technical information within defined documentation standards
    • Obtain/maintain technical/professional certifications applicable to position or as directed
    • Manage and maintain security monitoring and alerting systems
    • Assess and identify appropriate solutions to be integrated into the systems operation and make recommendations for implementation and troubleshooting
    • Communicate with customers, peers, team and managers regarding incident and change management
    • Provide emergency on-call support on a rotating schedule
    • Perform other duties as assigned

    Minimum Education and Experience:

    • Bachelor’s Degree in an Information Technology related major, or 8 years of equivalent professional experience
    • 5+ years of management experience leading a SOC team
    • 5+ years of experience and understanding of event/alert management, incident and change management processes.
    • 5+ years of experience and understanding of Command and Control (C2), Indicators of Compromise (IoCs), DDoS (Distributed Denial of Service), email phishing, brute-force attacks and event log analysis.
    • 5+ years of experience in Security Management and SIEM (e.g., Splunk, OSSIM, AlienVault)
    • Achieved one or more relevant security certifications (CISSP, GCIA, GCIH, GMON, etc.)

    Preferred Education and Experience:

    • Bachelor’s Degree preferred
    • 5+ years of experience in Network Management Tools (e.g., Vistara/OpsRamp)
    • 5+ years of experience with Ticket Management Tools (e.g., ConnectWise)
    • 5+ years of experience with Cisco Umbrella, ISE (Identity Services Engine), Firepower, Cloudlock, IDS/IPS, AMP, Cisco Email Security, etc.

    OTHER SKILLS and ABILITIES:

    • Excellent Interpersonal Skills (develop and maintain strong working relationships)
    • Excellent written and verbal communication skills
    • Ability to prioritize tasks.
    • Strong organizational skills
    • Excellent customer service skills
    • Strong documentation and follow-up skills
    • Strong problem-solving skills
    • Familiarity with ITIL (Information Technology Infrastructure Library) processes
    • Proficiency in Microsoft Office programs and ability to learn specialized system tools
    • Ability to multi-task in a fast-paced environment

    TRAVEL: Limited to no travel