Job
Description
Security Operations Center Manager will be responsible for leading Envestnet Security Incident response program by ensuring an appropriate, riskbased approach for SecurityMonitoring/Incident detection, Security Incident Response and Remediation process by partnering with MDR (Managed Detection and Response) service and internal teams. This will be accomplished through the effective functional management of day today tasks of securityanalysts, third party MDR provider, Implementations and maintenance of processs, and deployed security tools for detection, prevention, and response. Job Responsibilities: Lead the enterprise-wide security incident management and response. Review, evaluate, and enhance incident detection and response capabilities by periodic review of tools, processes, and IR playbooks. Ability to handle 24 * 7 operations with a hybrid operating model (In House + MDR) to gain the maximum efficiency and business benefits. Generating security metrics that align with business risks, reports, and dashboards for management consumption. Lead efforts to drive automation using SOAR of incident triage and response and expand advanced threat hunting capabilities. Provide functional direction and support for daily support activities. Develop and mentor staff through open communication, training, and developmentopportunities. Develop strategic goals to transform the Security operations center to be ready for the changing threat landscapes and evolving challenges. Required Skills: Minimum 5 years of leading a Security team, with experience managing security incident detection and Response program. Creative thinker with exceptional business, strategic, analytical, management, and relationship management skills. Strong knowledge of networks, operating systems, cryptography, preventive,detective, and offensive security solutions. Experience working with cloud services like Amazon Web Services, Google, and Microsoft Azure Cloud Excellent understanding of information security concepts, protocols, tools, industry best practices, and strategies. Focus on a business appropriate measured response, strong time management, Effective prioritization, and proper sense of urgency in day-today Security Operations. Ability to identify needs, take the initiative, and prioritize work efforts — balancing operational tasks with longer-term strategic security efforts. Experience in designing, implementing, and measuring relevant security and technologymanagement critical success factors, key performance indicators, and metrics. Experience working with security detection/prevention platforms like EDR, ContainerSecurity, Identity product, Vulnerability Management products and process,MicrosoftSecurity platforms, Data protection platforms, Threat/Brand Intel and Identity Intelligence, SIEM, SOAR platforms etc. Experience working with industry-standard forensics tools (XWay forensics, Encase, Access data, SIFT, FTK) Excellent understanding & concept of standard audits such as PCI, SOC2, ISO27001, and SOX.Security certifications such as CISSP. Show more Show less
