SOC Manager Role As a SOC Manager, you will establish goals and priorities by working closely with your team to identify the most critical focus areas.
These include Improving incident response times, reducing false positives and other extraneous alerts and Enhancing threat detection capabilities.
In this role you will analyse incident reports to understand the organisation's security posture by reviewing incident reports and identifying patterns and trends that may indicate weaknesses or vulnerabilities in their security defences.
You will lead these efforts by establishing clear incident response procedures and protocols and conveying them to the team Responsibilities: • Manage service and process improvements of SOC, auditing SOC incidents, identifying new use cases and automations • POC for SOC engineering team, threat intelligence analyst and Threat exposure management • Act as a point of escalation for Level-2 SOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques • Act as the lead coordinator to individual information security incidents • Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks (tools, techniques, Procedures) in support of technologies managed by the Security Operations Centre.
• Document incidents from initial detection through final resolution • Ensure threat management, threat modelling, identify threat vectors and develop use cases for security monitoring • Make informed decisions about security investments and strategies that align with the company's goals.
• Create reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt.
• Act as focal point for any investigations involving security; to prepare reports and note follow up action • Participate in the role of Incident Manager during any incidents and emergencies • Ensure that all business recovery/contingency plans and/or procedures held within the security control rooms are always kept up to date • Coordinate with IT teams on escalations, tracking, performance issues, and outages.
• Serve as the point of contact (POC) for security incidents within the company.
You are the primary liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies.
• Report to the Customer about security operations - keep the CISO and Head of security operations informed about everything that's happening in the operations center.
Skills/Must have: • Strong knowledge in Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) and SOC advancements such as EDR and SOAR.
• Good knowledge of SIEM technologies, like Google Chronicle, Splunk ES or QRadar.
• In-depth familiarity with security policies based on industry standards and best practices.
• Experienced within the information security field, with emphasis on security operations, incident management, intrusion analysis, security device installations, configuration, and troubleshooting (e. g., firewall, IDS, etc.).
• Experience in Log source integration and in Developing new correlation rules & Parser writing.
• Experienced in SOC automation development, cloud operations (e. g. AWS), Designing, building security operations centers and Regulatory Compliance.
• Ability to lead and communicate efficiently within a team environment along with Incident management process development and/or incident management experience.
• Solid understanding of information technology and information security required • Excellent communication and presentation skills with demonstrated skill in presenting analytical data effectively to varied audiences (including executives).
• Ability to work well under pressure with differing levels of Management.
Benefits: - hybrid working - 10% bonus - Private healthcare Salary: - £70,000 - £90,000 Base Salary