Responsible for overseeing daily security operations and collaborating with the GSOC and MSSP Team for 24/7 internal monitoring.
Serves as the primary point of contact for all cyber security incident escalations from GSOC, MSSP Team, and internal teams.
Manages all aspects of cyber incident response, including initiation, identification, containment, escalation, reporting, communication, recovery, forensic investigation, and post-mortem analysis.
Acts as an incident manager to resolve the escalation/incident by coordinating with relevant stakeholders within the agreed SLA.
Produces various monthly reports on SOC/incident monitoring and delivers them to stakeholders/senior management on a quarterly basis.
Stay up to date on security industry news and developments, including the latest exploits, threats, and prevention, remediation, and restoration techniques.
Work with the team to proactively hunt for threats.
Create/maintain a standardized set of responses for cybersecurity issues, developing and maintaining incident response playbooks for the team to use as new threats emerge.
Monitor security tools closely (SIEM, AV, ATP, etc.) for threat alerts, ensuring timely response, and manage tool renewal, maintenance, and upgrades.
Oversee MSSP Team monitoring and outsourcing arrangements.
Identify and communicate security flaws and vulnerabilities within the organization effectively.
Collect and provide evidence and submissions as requested by various parties (risk management/auditor/regulator) to confirm adherence to security policies, processes, guidelines, and controls.
Requirements:
Degree or higher in Information Technology, Cybersecurity or equivalent
CEH, ECSA, GCIH, GCFA, or CISSP certification
4+ years of experience in Cyber Security
Hands-on experience in incident management.
Extensive technical knowledge of security tools (SIEM, AV, ATP, etc.)
Excellent understanding of Cybersecurity Technology and operation.