Executive recruitment company Monroe Consulting Group Philippines is recruiting on behalf of a global technology company who is delivering truly prominent IT solutions, IT Design, IT Management, Data Security, Business Reform, and Infrastructure Plan for enterprises. Due to the company's expansion to EMEA and Manila, our respected client is currently looking for an IT professional who has experience for the job of SOC Team Lead. The company is based in Ortigas, Metro Manila, Philippines, that currently offers WFH set - up with night shift work hours and devices/equipment will be provided.
Leadership and Management:
- Be a leader in the expansion and growth of the SOC
- Supervise and manage the Security Operations Center during local work hours in coordination with the US-based lead and in tandem to clients' mission and goals.
- Mentor and guide Analysts and Engineers and perform knowledge transfer to other teams as required
- Ensure accountability and punctuality of security analysts assigned to shifts, and shift continuity during callouts and emergencies
- Determine staffing requirements: guides recruiting, hiring, training, development, and retention of highly qualified team members
- Provide direction for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Center.
- Ensure that Standard Operating Procedures are being created and followed by the team
- Responsible for driving execution of daily, weekly, and monthly metrics for statistical threats and KPIs
- Compile incident reports, executive summaries, and analysis reports of intrusions and/or security events
- Ensure incident identification, assessment, reporting, communication, mitigation, and monitoring are functional
- Ensure compliance to agreements, process adherence, and process improvement to achieve operational objectives
- Provide agency with knowledge and guidance in following security frameworks (NIST SP-800, ISO 27000, etc)
- Manage and conduct hands-on technical detection, analysis, containment, eradication, and remediation as a member of the Incident Response team
- Assist with threat management, threat modeling, identify threat vectors and develop use cases for security monitoring.
- Assist with security analysis, administration and remediation procedures, workflows and tasks
- Document and update processes, workflows, and technical guides
- Identifies opportunities to improve security monitoring and operational tasks
- Create and evolve SLAs, reports, dashboards, metrics for SOC operations
- Evaluate existing SIEM rules, filters, events and use cases and adapt to meet the business requirements
- Revise and develop processes to strengthen the current Security Operations Framework
- Assist in implementation of new SOC tools and applications and processes
Maintain awareness of trends in security regulatory, technology, and operational requirements
Build and maintain relationships with stakeholders.
- 4-year college degree in Information Technology, Computer Science, Information Systems, Business or related field and 2-3 years' experience, or 5 years' experience in lieu of a college degree.
- 2 years (or more) of experience as an operations/technical lead on similar projects (operations centers considered a plus)
- Experience in the field of Security Operations and Security Incident Handling.
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, threat management, and incident management.
- Experience demonstrating strong analytical, troubleshooting and problem-solving skills for investigating and handling security incidents.
- Hands-on experience in a SOC.
- Experience supporting 24x7 operations
- Knowledgeable of Windows and UNIX/LINUX environments, Networking protocols, and Cloud technologies.
- Excellent communication skills, both written and oral
- Certifications in Information System Security (i.e. CEH, CISSP, CompTIA CySA+, GIAC certifications, etc).
- Experience in network and cyber security design, engineering and operations
- Experience with NIST SP 800 series or ISO 27000 series documents for information security management and risk assessment