SOC Team Lead

Описание вакансии

Thanks for the click. We know your time is valuable so we will get right to it.

We’ve amassed some of the best and brightest minds in cyber security who are passionate about protecting the digital world. Our team blends advanced technology alongside deep expertise to tackle the toughest cyber threats out there. Put simply, our mission is to stay ahead of the curve and create a safer digital landscape for our partners, and we think adding a SOC Team Lead will up our cyber game.

This role is responsible for analyzing and responding to all security, and service related events on a 24x7 basis. The role is ‘hands-on’, with a requirement to carry out cyber analysis.

The SOC Team Lead is the primary escalation point for customer concerns. This individual will assist SOC Management in handling the team’s operations, which includes proper escalations, assigning and handling of relevant support tickets, coaching and training of analysts, and managing the team in the Manager’s absence.

What you’ll be doing.

• Monitor and analyze IDS/IPS, NIDS/NIPS, UTM, EDR, EPP, Windows Event and Security Logs, and Security Incident and Event Management (SIEM) toolset event logs to identify security attacks and threats for remediation/suppression.
• Assist in Computer Security Incident Response activities for large organizations as a first line security analyst to identify various malicious threats in enterprise environments.
• Ensure timely accurate communications of alerts to IT, Network or Security groups regarding intrusions and compromises to their network infrastructure, applications and operating systems.
• Assist Senior Analysts with the implementation of counter-measures or mitigating controls.
• Primary escalation for L1 Security Analysts, and ensures that workload is managed and distributed well to analysts.
• Perform Technical Audits on a monthly basis to ensure that SLA, and Incident Tickets contain valuable information that is highly important to clients.
• Facilitate trainings, and mentoring to L1, and L2 Security Analysts to ensure accuracy, and timeliness of incident handling.
• Accountable for changes to policy and guidelines, to improve operational effectiveness and efficiency.

What does it take to succeed in this role?

• Good communication skills and has the ability to work across multi-cultural environment.
• Strong analytical and problem solving skills; research skills as the role requires conducting research on latest information regarding vulnerabilities and cyber-attacks.
• Understanding of common network services (web, mail, FTP, etc), network vulnerabilities, and network attack patterns
• Willing to work flexible schedules, sometimes overnight shifts

What are desirables?

• Certification in Sec+, CySA+, CASP+, CEH, GCIH, ISC2 CC(Certifications can include any vendor certifications or general network security certification.)
• With at least 6 years of experience of team handling,
• With proven expertise in customer service handling escalated cases as the role will be client-focused working on large-scale organization as first line of escalation.
• Broad experience of technologies including but not limited to; Firewalls, IPS & IDS, Active Directory, Windows Server, Linux, TCP/IP, Networks, AWS, CDN's, Vulnerability management, SIEM Architecture, EPP, EDR, AV, and DRM.
• Background in Linux/Windows System Administration
• With at least basic to intermediate knowledge with the fundamentals of cybersecurity such as Security Administration, Incident Handling, Containment, Recovery, and Mitigation
• Knowledge in Threat Hunting, and Reverse Engineering
• Background and strong exposure on Use Case Management
• Knowledge and experience in IT Security (Physical, hardware and software)
• Experience with security assessment tools (NMAP, ISS, NESSUS) is preferred.

In addition to your technical expertise, we expect respect, opinions, and thoughtful inputs

How we work.

Our 3 values define how we operate internally as well as externally:

Vision - We embrace a forward-thinking mindset. Our team has a clear and inspiring picture of the future that helps drive our decisions towards creating and delivering world-class security services.

Velocity - We have a bias for action. We move swiftly and with purpose toward our goals and objectives and can easily adapt (and adjust) along the way.

Vigilance – We foster a culture of proactive awareness for our company and our customers, who trust us to be an extension of their team. We are always looking for areas where we can innovate, improve, fix, transform and revolutionize, which ensures the protection, safety and success of everyone at SilverSky.

Individuals that can act intelligently and confidently without an ego will thrive.

If this opportunity sounds interesting and you are passionate about redefining how the world thinks about cyber security, we want to hear from you. Apply now if you are interested in learning more about how we can change the rules of engagement, together.

Work Arrangement

This is an onsite position based in the United States.

At this time, we are not hiring candidates who require visa sponsorship. All applicants must be legally authorized to work in the United States without the need for current or future visa sponsorship.

*About SilverSky*

We are a global cyber security company with more than 20 years of professional experience in the industry. Our 300+ employees are on a mission to protect our customers with comprehensive, adaptive security services that maximize technology and automate responses, while empowering security analysts to hunt for threats, react and respond immediately. It’s the human enhanced response that differentiates SilverSky and allows us to create the most comprehensive managed detection and response (MxDR) solution in the industry by delivering on our Vision, Velocity, Vigilance philosophy. Follow us on X and LinkedIn to learn more.