Get more qualified candidates and reduce your costs with our guaranteed recruiting solutions

Talk to an expert today

1532 - SOC Operations Lead

New York, New York.
U.S. Citizenship

GENERAL DUTIES:

  • Perform security monitoring and analysis leveraging SIEM and security tools
  • Conduct technical analysis and correlation of operating system, database, application, cloud and network logs to triage potential security events and incident investigations
  • Analyze tactics, techniques, and procedures (TTPs) for various intrusion sets
  • Develop custom SIEM content and tune security tools in order to prevent, detect and respond to malicious activity
  • Utilize EDR and network security tools to conduct host and network based detection analysis
  • Create and maintain reports to Key Performance Indicators (KPIs) for regularly scheduled metric reviews
  • Conduct vulnerability scans and participate in tabletop exercises
  • Improve the incident response process through tabletop exercises, playbook development, and standard operating procedures
  • Experience managing ticket escalations, and incident response coordination across engineering, security, and management teams
  • Experience in IDS/IPS, CASB, SOAR, SIEM, EDR, DLP, Firewalls, DNS security, cloud security, Windows and Linux systems, etc.
  • Familiarity with the Cybersecurity Framework (CSF) and a threat intelligence framework such as MITRE ATT&CK
  • Knowledge of scripting languages, such as python

REQUIRED QUALIFICATIONS:

  • 5 - 10 years of SOC environment experience

CLEARANCE:

  • U.S. Citizenship required