Security Operations Center experts in this TalentCloud should have a central focus on the constant monitoring and improvement of organizational security, alongside the prevention, detection, analysis, response, and recovery of cybersecurity incidents. This central hub acts as a command center in which the security of all departments, employees, transactions, partners, threats, and more is managed every second of every day.
Responsibilities
- Monitor, detect, analyze, mitigate, and respond to cyberthreats across all environments, such as networks, Internet connections, websites, mobile, cloud, services, workstations, devices, and more
- Provide SOC operations, security practice development, and technical oversight around the clock, 365 days a year
- Identify, assess, quantify, report, and respond to cyber breaches and security incidents in a proactive and swift manner
- Comply with service-level agreements, as well as state and federal laws
- Mitigate threats through process improvement, detection policies, and task accountability
- Perform threat modeling, threat vector identification, threat management, and threat monitoring by use of security tools and security automation
- Assign all SOC tasks and responsibilities to specific team members and schedule shifts accordingly
- Complete operational and process analyses and audits regularly to improve processes and governance
- Create metrics, dashboards, reports, and presentations regarding SOC performance
- Integrate and implement standard policies and practices companywide
- Investigate cyberthreats to prevent future attacks and to better defend access, assets, privacy, sensitive information, intellectual property, data, systems, and brand integrity
- Remain current with existing and projected threat intelligence
- Reduce downtime to improve business continuity
Preferred Education
- Bachelor’s or Master’s Degree in Computer Science or Related Field
- Equivalent Work Experience
Required Skills
- Ability to use SOC systems and processes, such as SIEM, GRC, IPS, TIP, UEBA, and EDR
- Firm understanding of change management, incident management, and problem management
- Leadership and collaboration skills are critical
- Capable of working under pressure in a fast-paced environment with tight deadlines
- Must have experience with SIEM tools, such as ArcSight, Splunk, McAfee ePO, or RSA
- Analytical skills and metrics experience are essential
- Possess strong communication and presentation abilities
Preferred Skills
- Hold specialized certifications relevant to the role, such as GCED, CISSP, GCIH, CISA, CISM, and others
- Exceed expectations in network and telecom design, architecture, and integration capabilities