Security Operation Center Lead

If interested, please contact catherine@3pandt.com

Location: Eatontown, NJ

POSITION SUMMARY: 

The Security Operation Center (SOC) Lead is responsible for all technology operations within the Managed Security Services Practice (MSSP). This includes training, direction and oversight of our MSSP processes and tools. The SOC Lead is also responsible for security monitoring service delivery and provides Level 2 and 3 security incident response in the SOC.

The SOC Lead is ultimately responsible for the satisfaction of all MSSP customers. Client relations and strong communication skills are a critical part of this role.

ESSENTIAL DUTIES AND RESPONSIBILITIES (MAY INCLUDE THE FOLLOWING; OTHER DUTIES MAY BE ASSIGNED):

·   Provide operational management, improvement and direction of our MSSP and SOC

·   Stay up to date with current security vulnerabilities, attacks, and countermeasures

·   Create and maintain SOC processes, Standard Operating Procedures (SOPs) and documentation with a goal of standardizing all repeatable tasks within the team for optimal and efficient service delivery

·   Manage and maintain security monitoring and alerting systems (e.g., AlienVault and TheHive)

·   Help mentor new employees to become strong members of our SOC Team as quickly and seamlessly as possible, and operationally assist them as the MSSP business scales

·   Ensure Service Level Agreement (SLA) achievement for all MSSP customers

·   Work with the Client Advocacy Team in developing and providing Security Incident reports for any major customer incidents, handling escalations, preparing and participating in quarterly business reviews and proposal creation when required

·   Work closely with the Customer Success Services Team and SOC team to ensure new MSSP customers are on-boarded with a seamless handover / transition into the SOC

·   Ensure documentation for all MSSP clients is updated and maintained

·   Work directly with other SOC and NOC team members on security incident containment and mitigation activities

·   Provide direct communication to customers, peers, team and managers regarding security incident and change management activities

·   Maintain detailed notes within Operational Management systems on all security incident management activities

·   Assess and identify appropriate solutions to be integrated into the MSSP and make recommendations for implementation and troubleshooting

·   Obtain/maintain technical/professional certifications applicable to position or as requested by management

·   Provide emergency on-call support on a rotating schedule

·   Perform other duties as assigned

OTHER SKILLS and ABILITIES:

·   Excellent Interpersonal Skills (develop and maintain strong working relationships)

·   Strong work ethic

·   Excellent written and verbal communication skills

·   Ability to multi-task as necessary

·   Ability to prioritize tasks

·   Strong organizational skills

·   Strong customer service skills

·   Strong documentation and follow-up skills

·   Strong problem-solving skills

·   Experience with Linux, Mac OS X and Windows operating systems

·   Experience with Cisco Network and Security Infrastructure

·   Experience with security testing tools such as Kali Linux

·   Experience with programming and scripting using Python or some other programming/scripting languages

Minimum Education and Experience:

·   Associate degree or above or equivalent technical degree and required years of industry experience

·   Experience working in an MSSP, NOC or SOC

·   4+ years of experience in the Information Technology (IT) field with a focus in security

·   Knowledge and understanding of Security Incident and Event Management (SIEM) tools and processes

Preferred Education and Experience:

·   Bachelor’s degree or above

·   2+ years’ experience working in an MSSP, NOC or SOC

·   8+ years of networking and/or security experience

·   Experience in Security Management and SIEM (e.g., AlienVault)

·   Experience in Case Management Tools (e.g., TheHive)

·   Experience with Ticket Management Tools (e.g., ConnectWise)

·   Possession of Industry Certifications (CISSP, CISA, CISM, ITIL, CCNA, CCNP, CCIE)

 
