In the role of Cyber Defense and Response Center (CDRC) manager, you will be responsible for the CyberArk SOC team and for the security defense methodology and its execution.
We are looking for a security defense manager who thinks like an attacker and will continually work to enhance our SOC and incident response capabilities.
We are looking for a skilled and experienced security manager, as well as a technical expert, to lead a security team of engineers and analysts that operates our SOC in 24×7 mode.
A knowledgeable, hands-on technical specialist, the manager coordinates the complex and detailed technical work necessary to provide comprehensive monitoring, vulnerability management, threat detection, and incident response within the organization.
Provides security monitoring and reporting.
Essential Job Functions
- Leads a team of engineers and analysts responsible for SIEM/SOC and incident response processes.
- Ensures shift coverage for a global 24/7 SOC presence.
- Monitors CyberArk assets, network, and data to prevent events that might negatively impact confidentiality, availability, and integrity.
- Holds overall accountability for the development, implementation, and effectiveness of vulnerability management and security testing programs and
- Monitors and analyzes attempts to compromise security protocols. Identifies and investigates activities, and conducts and provides analysis of results.
- Reviews SIEM logs and messages to identify and report possible security violations.
- Coordinates, documents, and reports on internal investigations of security violations.
- Authors and coordinates security status reports that provide system status, report potential and actual security violations, and provide procedural recommendations.
- Leads security incident response efforts by maintaining an in-depth knowledge of common attack vectors, common security exploits, and countermeasures. Responds to all information-security-relevant events (hacker intrusions, virus infections, denial of service attacks, etc.).
- Maintains a solid working knowledge of information security principles and practices.
- Researches current trends in information security and event monitoring, and keeps up to date with issues and technology. This includes analyzing and writing internal reports on publicly available threats and breaches, and constantly looking for Diebold information on the internet.
- Drives execution of daily, weekly, and monthly metrics for statistical threats and KPIs.
- Ensures that Standard Operating Procedures are created and followed by the team.
- Mentors and trains the team to enhance processes and skills, continuously improving the SOC's ability to identify and respond to threats.
Requirements
- At least 5 years of experience in IT security, with extensive experience in cyber IR management and a minimum of 3 years of experience as a team leader.
- Ability to serve as a technical lead for any incident response manager and investigator.
- Ability to work under pressure and in a multi-tasking environment.
- Proficiency with forensic techniques and the most commonly used forensic tool sets.
- Experience conducting log analysis of OS event logs, Apache, IIS, and firewall logs.
- Experience with SIEM and SOC systems – a must.
- Experience leading an incident response team or task force.
- Ability to engage with internal peers in order to achieve required deliverables.
- Industry-standard certifications highly preferred: CISSP, CISM, or similar.