Information Security Manager

Our client is a growing financial services firm. They are currently seeking an experienced SOC Manager to join their team in Montgomery County, MD.

Responsibilities:

The SOC Manager is responsible for managing the Tier1 Outsourced MSSP, and dark web Monitoring MSSP relationships. The SOC Manager is also responsible for the overall security monitoring of all assets, tuning the alerts, analyzing the security event, and maintaining security controls in support of the Information Security Program. This role will be focused on leading and performing advanced triage and detail analysis of security events of technology environments and integrating risk-based threat intelligence into the operational environment. The role also supports the ability to maintain assurance in our technical security controls so that risks to the confidentiality, integrity, and availability of information systems and infrastructure are sufficiently mitigated which in turn, supports the bank s operational goals. Assist with vulnerability management oversight, end user proxy access support as needed, prepare daily SOC reports and ensure that metrics are reported periodically. This role will have oversight of and responsibility for two or more SOC Analysts and the outsourced MSSP relationship.

Requirements:

• Bachelor s degree in computer science or information Systems, Information Technology or related focused technical training or in lieu 4 additional years of engineering and project management experience.
• 10 years of related experience in Information Security, with at least 6 years of experience at the lead level of a SOC (Security Operations Center) engaged in cyber incident management and analysis.
• Very familiar using SEIM and EDR tools. Ability to direct the MSSP to tune appropriately.
• Experience dealing with security multiple threat intelligence sources (paid or unpaid) and incorporating the same within our environment.
• Ability to lead the investigation and manage a cybersecurity event and work with the InfoSec and IT team to inspect, examine and resolve.
• Familiarity with other security tools like Vulnerability Management, Antivirus, Web proxies, forensics, etc.
• Previous supervisory or Leadership experience in a SOC environment.
• Two or more of any of the following certifications:
• SANS GIAC Certifications:
• GIAC Certified Perimeter Protection Analyst
• GCIH: GIAC Certified Incident Handler
• GOEC: GIAC Operations Essentials Certifications
• CompTIA Security+
• Certified Ethical Hacker (CEH)
• Knowledge of managing and leading cyber incidents using the Cyber Incident Response Plan (CIRP)
• Participate in Cyber exercise and be the subject matter expert for SOC operations and security events.
• Knowledge of SEIMs like Microsoft Sentinel, LogRhythm, Splunk, etc.; NDR like Darktrace, ExtraHop, Vectra, etc.
• Knowledge of SOC tools like VirusTotal, Abuse IPDb, Cisco Talos, PaloAto Watchfire, Threat Miner, Urlscan, etc.
• Knowledge working on alerts from systems, firewalls (PaloAlto, Fortinet); IDS/IPS, VPN, WAFs, etc.
• Knowledge of TCP/IP networking: networking topology, protocols, and services.