Lead the Security Operations Center (SOC) team, including monitoring and responding to cyber-attacks. In addition, this position will be responsible for providing strategy, leadership, training, and mentoring to the SOC. The candidate will work with various technology and business stakeholders to ensure the secure, rapid delivery of business value.
Security Operations Center Manager Responsibilities
Lead the SOC to include: maintaining a multi-year strategy/roadmap, obtaining key stakeholder sponsorship, establishing governance, and driving the repeatable delivery of outcomes.
Manage core SOC capabilities: security monitoring use cases linked to threat intelligence/MITRE ATT&CK, triage investigation processes, and the incident response plan.
Leverage knowledge of attacks/investigations to establish a feedback loop; engage with and influence key stakeholders to enhance security posture.
Develop monitoring and report on the health, effectiveness and efficiency of SOC services.
Manage SOC vendor relationships, to include the Managed Security Service Provider (MSSP) and Incident Response Retainer.
Clearly communicate vision, user stories, plans and project status to directs, management, and key business stakeholders.
Focus on the personal and professional growth of SOC staff by minting new analysts, engineers, and managers.
Accountable for internal/external audits of the SOC.
Follows all policies and procedures, compliance regulations, and completes all required annual or job-specific training.
Keeps current on emerging technologies and attacks.
May perform other duties as assigned.
May supervise up to 6 staff and MSSP vendor.
Security Operations Center Manager Qualifications
Bachelor's Degree in Management Information Systems or Computer Science is preferred.
5+ years of hands-on experience in security monitoring and incident response.
2+ years of management experience; ability to lead with a strategic vision and manage operations.
Experience with SIEM capabilities, Splunk preferred.
Hands-on experience with EPP/EDR, NetFlow, and vulnerability identification tools.
Experience with cloud service providers, Azure preferred.
Strong leadership skills; ability to structure unstructured problems and take command during an incident.
Must possess at least one of the following certifications: GCIH, GCIA, GCFA, CHFI.
May possess one or more of the following certifications: CISSP, GWAPT, CCNP, GCUX, GCWN.
VanderHouwen is an award-winning, Women-Owned, WBENC certified professional staffing firm. Founded in 1987, VanderHouwen has been successfully placing experienced professionals throughout the Pacific Northwest and nationwide. Our recruitment teams are highly specialized in either Technology and IT, Engineering, or Accounting and Finance career markets. Our recruiters value building meaningful, professional relationships with each candidate as well as developing honed knowledge of companies' staffing needs and workplaces. Partner with us to land your next exciting career.
VanderHouwen is an Equal Opportunity Employer and participates in E-Verify. VanderHouwen does not discriminate on the basis of race, color, religion, sex, national origin, age, disability, or any other characteristic protected by applicable local, state or federal civil rights laws.