SecOps Lead L3

24 Nov 2024

Vacancy expired!

Primary Skills: Endpoint Security, EDR and Email Security, SIEM (SecureWorks), SOAR, Threat Intelligence

Secondary Skills: Patching, IDAM, Network Security, Web Security (Content/URL filtering) and Vulnerability Management

Responsibilities

§ Proactively manage and maintain Endpoint Security Systems (Anti-Virus platforms, ATP and EDR)
§ Review customer and internal Endpoint Security Systems to maintain security compliance
§ Operational support and maintenance for endpoint security solutions (e.g. Anti-Virus, Host Firewall, forensics-based tools, privilege management, application whitelisting, EDR)
§ Upgrade and patch Antivirus security platform products to the latest versions
§ Perform in-depth analysis of endpoint solutions for detection and response
§ Perform in-depth analysis of Phishing/SPAM emails
§ Lead significant SOC projects, focused on enhancements to detection and incident response capabilities and other improvements to SOC workflow/automation/process/documentation
§ Ability to architect security solutions including cyber response automation, threat intelligence, user analytics, security infrastructure technologies, and application/software protections
§ Provide management oversight of incidents and manage shifts
§ Serve as an escalation point for Threat Analysts for complex/unusual alerts/cases/requests/incidents
§ Conduct performance reviews and develop growth strategies for direct reports
§ Evaluate gaps and assign training for Threat Analysts to ensure consistent quality in response
§ Develop and manage metrics based on operational load, process effectiveness and supportability of the SOC
§ Strong verbal and written communication skills are a must in order to deliver complex topics

Qualifications

§ Bachelor's degree in Information Technology or a related discipline, or relevant work experience
§ 12+ years of experience in planning, designing, and implementing Endpoint Detection & Response (EDR) solutions
§ Hands-on experience with any of these tools: Microsoft Defender ATP, Trend Micro Antivirus, Carbon Black, CrowdStrike and SentinelOne EDR
§ Experience working with EDR and/or incident response toolkits
§ Excellent knowledge of configuring policies and exclusions
§ Experience in developing custom use cases and fine-tuning correlation rules
§ Deep understanding of cybersecurity threats, vulnerabilities, controls and remediation strategies in complex, federated enterprise environments
§ Information security concepts or hands-on experience in areas such as incident management, security operations, vulnerability management, identity and access management, or network security
§ Must be well versed in cyber security management, including security controls architecture, incident response preparedness and response, threat intelligence, vulnerability management, and security event analytics and correlation
§ Experience leading and advising clients on security, including risk, governance, technology, regulatory drivers and IT security, and frameworks such as NIST, ISO and ITIL standards
§ Understanding of security audit standards
§ Ability to understand and articulate market trends and the competitive landscape
§ Demonstrated experience in building and managing a practice; ability to work with Security team members as well as communicate with other teams (Hybrid Cloud, Digital Workplace, DevOps, etc.) for integrated security offerings
§ Demonstrated knowledge of common adversary tactics, techniques, and procedures
§ Experience with Azure and AWS cloud technologies
§ Must have excellent communication, documentation, and customer-facing skills
§ Demonstrated ability to increase the effectiveness of Security Incident management
§ A team-focused mentality with the proven ability to work effectively with diverse stakeholders
§ Good understanding of Information Security compliance regulations, frameworks and requirements (PCI, SOX, HIPAA)
§ Relevant technical security certifications (e.g. GIAC, CISSP, EC-Council, Offensive Security, etc.) are a plus

  • ID: #23391160
  • State: North Carolina, USA
  • City: Raleigh / Durham / Chapel Hill (27601)
  • Salary: Depends on Experience
  • Job type: Contract
  • Showed: 2021-11-24
  • Deadline: 2022-01-15
  • Category: Et cetera