Security Operations Manager
Overview
The SOC Operations Manager is responsible for leading the Security Operations Centre analysts within our virtual SOC and for proactively assessing risk and response strategies for potential emerging threats. As the operations manager, you will act as the escalation point for client incidents during and outside of business hours. You will ensure the analysts follow ITIL processes during their day-to-day activities, in line with client-agreed service levels.
Key Responsibilities:
• Providing security advice and guidance to customers
• Mentoring members of the SOC team
• Providing technical overview, assistance and guidance within the SOC as required
• Driving continual service improvement (CSI) within the SOC team
• Security Incident Response lead
• Customer operational and service management reporting
• Providing reporting to leadership
• Roster management for the SOC
• On call for SOC after-hours, acting as an escalation point
• Steering client technical cadences
• Steering client service management cadences
The role will also require the following attributes:
• Ability to work autonomously as well as contribute in a team and professional environment
• Ability to effectively manage multiple, concurrent activities, while understanding and managing priorities, dependencies and risk
• Strong communication (verbal and written) and interpersonal skills
• Strong focus on customer service and outcomes
• Strong resource coordination, planning and organising skills
• Proven ability to adapt and maintain a flexible approach to changing needs or priorities
• Strong reporting and analytical skills with attention to detail
• Strong problem-solving skills with the ability to resolve complex technical issues
• High level of initiative and self-motivation
Qualifications
• Information Security degree and/or diploma advantageous
• Relevant cybersecurity certification (ITIL, Security+, MCSE, CISSP, CISA, CISM, Splunk Administrator)
About You
You will have experience in the following areas:
• Experience in a leadership position with demonstrated abilities to manage technical and operational teams
• Communicate SOC or Incident Management requirements to the internal stakeholders on whom incident management and SOC services depend
• Perform defined tasks to monitor service delivery against service level agreements and maintain records of relevant information
• Provide input into the analysis of service delivery performance to identify actions required to maintain or improve levels of service
• Drive innovative efficiencies within the Security Operations Center
• Review performance measures and advise team members to identify development areas and remedial action
• Monitor team activities and provide on-the-job guidance to ensure that incident management activities and ad-hoc work requests align with team processes, risk and compliance requirements
• Identify and escalate poor performance of individuals to maintain a high standard of delivery aligned to company values and principles
• Engage with other relevant technical groups within our client's environment, including service desk personnel and system engineers, to facilitate the collection of data and the provision of information relevant to supporting related capabilities
• Understand output from SIEMs in the context of the environment, escalating incidents appropriately and providing meaningful reporting
• Experience with the relevant technologies and domains, including system logging and log auditing