
Job Level
Mid-Level / Senior
Tech Stack
Splunk
About the role
- Manage a 24/7 team of security professionals to detect, monitor, respond, and remediate threats and Splunk SIEM.
- Oversee day-to-day SOC operations across internal and external teams; serve as point of contact for incident response and forensic activities.
- Provide teaching and mentoring to SOC Tier 1/2/3 Analysts, including incident response functions.
- Coordinate staff schedules and resolve scheduling gaps in coverage.
- Analyze attacker tactics, techniques and procedures (TTPs) from security events and submit recommendations for enhancements to management.
- Implement policies and procedures to ensure consistently high levels of staff performance.
- Track and report status of pending, implemented, or rejected tickets in biweekly management meetings.
Requirements
- 6+ years of hands-on experience in Security Operations Centers (SOC), with at least 2 years in a leadership or managerial role.
- Experience as a Manager/Team Lead managing a 24/7 team of security professionals to detect, monitor, respond to, and remediate threats using a Splunk SIEM.
- Experience overseeing day-to-day operations across internal and external teams, and serving as point of contact for incident response and forensic activities.
- Ability to teach and mentor SOC Tier 1/2/3 Analysts, including incident response functions.
- Experience coordinating staff schedules and resolving scheduling gaps in coverage.
- Stay current with and remain knowledgeable about new threats. Analyze attacker tactics, techniques and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems, and submit recommendations for enhancements to the Manager.
- Ensure consistently high levels of staff performance by implementing policies and procedures.
- Track and report the status of pending, implemented, or rejected tickets in biweekly management meetings.
- Certifications: Systems Security Certified Practitioner (SSCP), Certified Information Systems Security Professional (CISSP).