Security Operations Center Lead

incident response operations security
C2H Independent, C2H W2
Negotiable
Telecommuting not available Travel not required

Job Description

We are working directly with a prestigious retail organization located in Pataskala, OH and are seeking a Security Operations Center Lead.

Position Overview:

  • The individual in this position will be the Security Engineer responsible for building and maintaining the Security Operations Center and Incident Response program.
  • This is an individual contributor role but will influence and lead junior level security engineers and analysts to monitor and respond to all security related incidents.
  • This position will act as an advisor for security operations integrations to group associates, mainly the company's Brand Services IT teams.
  • A thorough understanding of incident response situations and SOC functions, procedures, and policies is required.
  • Responsible for the building, deployment, and effectiveness of the security operations center and incident response program.
  • Drive the migration of existing run books and processes to the new SOC environment and processes.
  • Continuously improve and assist in the documentation of identified gaps in the existing incident response processes and procedures.
  • Work with Security leadership to develop SLAs surrounding incident response types.
  • Coordinate quarterly testing with the other security engineering teams to ensure maximum effectiveness in detections and response.
  • Work with IT leadership and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security program.
  • Oversee daily tasking for junior engineers and analysts.
  • Ability to work with SIEM owner to ensure effectiveness and efficiency of the SOC on a continual basis.
  • Manage and escalate roadblocks that may jeopardize security monitoring operations, infrastructure, and SLAs.
  • Serve as the senior mentor to the SOC staff.
  • Serve as the focal technical lead on security events and incidents.
  • Investigate network intrusions and other cyber security incidents to determine the cause and extent of the breach. Includes ability to perform host-based and network-based analysis across all major operating systems and network device platforms.
  • Summarize events/incidents effectively to different stakeholders such as legal counsel, executive management and technical staff, both in written and verbal forms.
  • Manage the chain of custody for all evidence collected during incidents and security investigations.

Requirements:

  • 10+ years of overall IT security experience.
  • 2+ years of experience leading teams utilizing a SIEM.
  • Bachelor's degree in a computer-related discipline, or 7 years' comparable work/military experience.
  • Technical industry certifications (CISSP, SANS, GCIA and/or GCIH).
  • Expert level knowledge regarding incident response processes and procedures
  • Applied knowledge and hands on experience of common SIEM tools (Splunk, QRadar, LogRhythm)
  • Applied knowledge of common infrastructure architecture, including industry standard ports and protocols.
  • Applied knowledge of common ports and protocols being leveraged for attack purposes
  • Experience with regulatory guidelines (PCI, SOX, HIPAA, etc.)
  • Advanced knowledge of threat and vulnerability landscape.
  • Knowledge of application security testing (static, dynamic) and cloud security concepts
  • Knowledge of security models and frameworks (SANS Top 20, FAIR, ISO 27002)
  • Ability to communicate with 3rd party providers and ensure that service levels and obligations are met.
  • An innate need to protect and serve against malicious operators trying to steal valuable data
  • Operate as a change-agent and advocate for data protection
  • Ability to work and communicate in a team environment using strong communication skills
  • Ability to analyze and solve problems independently
  • Strong leadership abilities, with the capability to develop and guide IT team members and to work with only minimal supervision.
  • A strong customer focus, with the ability to manage expectations appropriately, provide a superior customer/client experience and build long-term relationships.
  • The ability to prioritize work efforts between operational tasks and strategic efforts
  • Must possess an understanding of the retail industry

Posted By

Cindy Mack

10 Mountainview Rd. Upper Saddle River, NJ, 07458

Contact
Dice Id : techlknj
Position Id : 18-00441
