- Provide day-to-day oversight of the security monitoring and incident response program.
- Lead the effort in detecting, alerting, and triaging threats and understanding adversary TTPs.
- Provide leadership and technical expertise in the incident handling process while reporting to leadership with periodic updates.
- Manage a hybrid team of city employees, contractors, and Managed Security Service Providers (MSSP) for a 24/7 operation.
- Coordinate with Federal, State, and local security personnel against active threats.
- Strong understanding of IAM, networking, application, database, and cloud security.
- Strong verbal and written communication skills.
- Ability to analyze captured data / logs to perform correlation on possible compromises to the environment.
- Three years of experience developing, evaluating, using, and maintaining technical system hardware and software.
- Bachelor's degree in computer science, math or a related field.
- An equivalent combination of related experience and education may be considered.
- All finalists for positions are subject to a criminal background check applicable to the department or position.
- This position is subject to Criminal Justice Information Systems (CJIS) background standards. Candidates who receive a conditional offer of employment must be fingerprinted and will have their fingerprints used to check the Criminal History Records of the State of Arizona Department of Public Safety and the Federal Bureau of Investigation. Any records returned will be reviewed to determine the candidate’s suitability for the job.
- Four years of experience in an enterprise SOC environment.
- Two years of experience managing a security operations team.
- Three years of direct experience in incident response.
- Four years of experience using a SIEM.
- Three years of experience developing SOC SOPs and associated documentation.
- Current industry certifications in good standing, such as GCIH, GCIA, GPEN, or CCNA Cyber Operations.