SOC (Security Operations Center) Manager - Eatontown
Location: Eatontown, NJ
The SOC Manager will plan, direct and control the functions and operations of the 24x7x365 Security Operations Center (SOC). The SOC Manager will develop and maintain an incident response program to address all security incidents and ensure timely escalation to appropriate business units for validation/investigation. The SOC Manager will also monitor all intelligence sources to identify potential threats/compromises which may target the client and develop proactive strategies to minimize the impact of these threats.
ESSENTIAL DUTIES AND RESPONSIBILITIES- MAY INCLUDE THE FOLLOWING: OTHER DUTIES MAY BE ASSIGNED.
- Lead staff to proactively identify, prevent and respond to security incidents.
- Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
- Ensure compliance with Service Level Agreements (SLAs), process adherence and process improvement to achieve operational objectives and mitigate threats.
- Ensure adherence to regulatory compliance and to federal and state laws governing information security, customer identification programs, personally identifiable information (PII) and assets.
- Monitor and analyze security incidents to protect client information and assets from unauthorized access, misuse, modification or destruction.
- Revise and develop processes to strengthen the current operational activities; review policies and recommend changes to improve governance.
- Responsible for team management, personnel scheduling, overall use of resources and initiation of corrective action where required for Security Operations Center.
- Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring.
- Responsible for integration of standard and non-standard log sources into the SIEM (Security Information and Event Management) platform.
- Lead in developing and testing use cases for monitoring and alerts
- Lead technical meetings and workgroup sessions with relevant SMEs (Subject Matter Experts)
- Research and assess the SIEM tool capabilities and functionality of new or existing cloud platforms and perform gap and/or integration analysis as needed.
- Recommend specific tools and processes to maximize security monitoring and response capability.
- Creation of reports, dashboards, metrics for SOC operations and presentations to clients.
- Coordinate with stakeholders to build and maintain positive working relationships; this includes subordinate SOCs supporting the organization.
- Maintain detailed notes within operational management systems on all security issue resolution activities.
- Maintain customer technical information within defined documentation standards.
- Obtain/maintain technical/professional certifications applicable to the position or as directed.
- Manage and maintain security monitoring and alerting systems.
- Assess and identify appropriate solutions to be integrated into systems operations and make recommendations for implementation and troubleshooting.
- Communicate with customers, peers, team and managers regarding incident and change management
- Provide emergency on-call support on a rotating schedule
- Perform other duties as assigned
Minimum Education and Experience:
- Bachelor’s Degree in an Information Technology related major, or 8 years of equivalent professional experience
- 5+ years of management experience leading a SOC team
- 5+ years of experience and understanding of event/alert management, incident and change management processes.
- 5+ years of experience and understanding of Command and Control (C2/CnC) infrastructure, Indicators of Compromise (IoCs), DDoS (Distributed Denial-of-Service), email phishing, brute-force attacks and event log analysis.
- 5+ years of experience in Security Management and SIEM (e.g., Splunk, OSSIM, AlienVault)
- Achieved one or more relevant security certifications (CISSP, GCIA, GCIH, GMON, etc.)
Preferred Education and Experience:
- Bachelor’s Degree preferred
- 5+ years of experience in Network Management Tools (e.g., Vistara/OpsRamp)
- 5+ years of experience with Ticket Management Tools (e.g., ConnectWise)
- 5+ years of experience with Cisco Umbrella, ISE (Identity Services Engine), Firepower, Cloudlock, IDS/IPS, AMP (Advanced Malware Protection), Cisco Email Security, etc.
OTHER SKILLS and ABILITIES:
- Excellent Interpersonal Skills (develop and maintain strong working relationships)
- Excellent written and verbal communication skills
- Ability to prioritize tasks.
- Strong organizational skills
- Excellent customer service skills
- Strong documentation and follow-up skills
- Strong problem-solving skills
- Familiarity with ITIL (Information Technology Infrastructure Library) processes
- Proficiency in Microsoft Office programs and ability to learn specialized system tools
- Ability to multi-task in a fast-paced environment
TRAVEL: Limited to no travel
PHYSICAL DEMANDS: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
While performing the duties of this job, the employee is regularly required to sit and talk or hear. The employee frequently is required to stand; walk; and use hands to finger, handle, or feel objects, tools, or controls. The employee is occasionally required to reach with hands and arms. The employee must occasionally lift and/or move up to 35 pounds. Specific vision abilities required by this job involve normal vision.
WORK ENVIRONMENT: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
The noise level in the work environment is usually quiet to moderate.
Aspire Technology Partners is an Equal Opportunity Employer. All qualified candidates will receive consideration for this position regardless of race, color, religion, sex, national origin, age, disability, genetic information, or any other characteristics protected by applicable law.
Employment is contingent upon successful completion of background and drug screening.