Role & responsibilities

We are seeking a highly motivated and experienced Security Operations Center (SOC) Manager to lead our 24x7 security operations team. The ideal candidate will possess a strong background in security operations, excellent leadership skills, and a proven ability to manage complex projects and deliver exceptional service. This role requires a focus on detail, a proactive approach to problem-solving, and the ability to maintain a high-performing, customer-centric team.

Responsibilities:

Team Leadership and Management:
- Manage and lead a 24x7 SOC team, ensuring optimal staffing levels and shift coverage.
- Recruit, train, and mentor SOC analysts and engineers, fostering a culture of continuous learning and professional development.
- Conduct regular performance evaluations, provide constructive feedback, and implement performance improvement plans as needed.
- Motivate and inspire team members, boosting morale and creating a positive work environment.
- Handle escalated incidents and provide guidance to the team during critical situations.

Operational Management:
- Oversee the daily operations of the SOC, ensuring timely and effective incident detection, analysis, and response.
- Develop and maintain SOC policies, procedures, and workflows, ensuring adherence to industry best practices and compliance requirements.
- Monitor and analyze SOC metrics, identifying trends and areas for improvement.
- Manage and prioritize security incidents, ensuring efficient resolution and minimizing impact to the organization.
- Ensure the SOC meets or exceeds service level agreements (SLAs) and key performance indicators (KPIs).

Project and Task Management:
- Plan, execute, and manage security operations projects, ensuring on-time and within-budget delivery.
- Prioritize tasks and manage workload effectively, ensuring the team meets deadlines and objectives.
- Develop and maintain project documentation, including project plans, status reports, and lessons learned.
- Coordinate with other IT teams and stakeholders to ensure seamless integration of security operations.

Customer Satisfaction and Service Delivery:
- Ensure the SOC delivers high-quality service and maintains excellent customer satisfaction.
- Develop and maintain strong relationships with internal and external stakeholders.
- Proactively identify and address customer needs and concerns.
- Communicate effectively with stakeholders, providing regular updates on security incidents and operations.

Attention to Detail and Reporting:
- Maintain meticulous records of security incidents, investigations, and actions taken.
- Generate regular reports on SOC performance, including incident metrics, trends, and recommendations.
- Ensure accuracy and completeness of all SOC documentation.

Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
- Minimum of 10 years of experience in network, cybersecurity and operations, with at least 3 years in a management role.
- Strong understanding of security concepts, technologies, and best practices.
- Proven ability to lead and motivate a team in a 24x7 environment.
- Excellent project management and task management skills.
- Strong analytical and problem-solving skills.
- Excellent communication and interpersonal skills.
- Ability to work effectively under pressure and in a fast-paced environment.
- Relevant certifications (e.g., CISM, PMP, ITIL, Security+, GSOM and relevant technical certifications) are highly desirable.
- Experience with SIEM, SOAR, and other security tools.

Skills: Leadership, Team Management, Project Management, Incident Response, Security Analysis, SIEM/SOAR, Communication, Problem-Solving, Attention to Detail, Customer Service.
We are seeking a highly skilled and experienced Cyber Security Analyst L3 to join our team. The ideal candidate will have strong expertise in cybersecurity investigation strategies, incident response, malware analysis, and advanced threat investigation techniques. The role also requires proficiency in open-source SIEM tools, EDR platforms, cloud security assessments, and server hardening practices. This position involves working with US-based clients and requires excellent communication skills.

Key Responsibilities:

Threat Investigation & Incident Response:
- Develop and implement advanced investigation strategies for cybersecurity incidents.
- Conduct detailed log analysis to identify threats, anomalies, and potential breaches.
- Perform malware analysis to understand behavior and mitigate threats.
- Manage end-to-end incident response processes and root cause analyses.

Open-Source SIEM Expertise:
- Operate and integrate open-source SIEM platforms such as Wazuh, AlienVault, and others.
- Configure and fine-tune SIEM to enhance log ingestion, rule creation, and threat detection.

Endpoint Detection and Response (EDR):
- Investigate incidents using EDR solutions like Microsoft Defender, CrowdStrike, Carbon Black, and SentinelOne.
- Analyze endpoint telemetry and execute threat hunting processes.

Cloud Security:
- Conduct cloud security reviews for platforms such as AWS, Azure, and Google Cloud.
- Provide recommendations to strengthen cloud architecture and user authentication processes.

Server Hardening & CIS Benchmarks:
- Implement server hardening techniques based on CIS benchmarks.
- Perform security assessments to address identified vulnerabilities.

Threat Intelligence & SOAR Integration:
- Leverage threat intelligence platforms to proactively identify and mitigate potential threats.
- Work on SOAR (Security Orchestration, Automation, and Response) platforms to automate incident handling processes.

Incident Handling & Communication:
- Lead incident handling efforts, coordinating with internal and external stakeholders.
- Provide clear, concise, and actionable communication to technical and non-technical audiences.

Linux & Log Analysis:
- Review and analyze Linux system logs to identify potential security issues.
- Investigate unauthorized access attempts and system anomalies.

Client Management:
- Collaborate with US-based clients, ensuring their cybersecurity needs are met.
- Deliver regular reports, updates, and recommendations to clients.

Required Skills and Qualifications:
- 10+ years of hands-on experience in cybersecurity, incident response, and threat investigation.
- Expertise in open-source SIEM platforms like Wazuh, AlienVault, and their integration.
- Proficiency with EDR solutions such as Microsoft Defender, CrowdStrike, Carbon Black, and SentinelOne.
- Strong knowledge of cloud security best practices and architecture reviews.
- Experience in server hardening following CIS benchmarks.
- Familiarity with SOAR platforms and threat intelligence tools.
- Solid understanding of Linux systems and log review methodologies.
- Excellent communication skills for client interactions and technical reporting.
- Proven ability to work with international clients, especially in the US.

Preferred Certifications:
- Certified Information Systems Security Professional (CISSP)
- Certified Incident Handler (GCIH)
- Certified Ethical Hacker (CEH)
- Microsoft Certified: Azure Security Engineer Associate
- AWS Certified Security Specialty

This role provides an excellent opportunity for growth and exposure to advanced cybersecurity practices while working with a global team. Apply now to join a dynamic and forward-thinking organization!
Role & responsibilities

We are seeking a technically proficient SIEM Onboarding Engineer to support the integration of customer environments into our Inopli SIEM platform. The ideal candidate will have strong experience in Linux system administration (preferably LPIC-2 certified), Python scripting, and a solid understanding of network and infrastructure components to facilitate secure data ingestion via syslog or HTTPS.

Key Responsibilities:
- Lead and support onboarding of customer data sources into the Inopli SIEM platform.
- Develop and maintain Python scripts for custom parsing and correlation using the Inopli correlator.
- Configure and troubleshoot Linux-based syslog servers and log forwarders.
- Assist customers in enabling secure communication (syslog or HTTPS) from their infrastructure to the Inopli SaaS environment.
- Collaborate with internal teams and customers to ensure successful log ingestion and parsing.
- Document onboarding procedures, integration guides, and troubleshooting steps.
- Monitor onboarding progress and provide timely updates to stakeholders.
- Ensure compliance with security and privacy standards during data onboarding.

Required Skills & Qualifications:
- 4-5 years of experience in Linux system administration (preferably LPIC-2 certified).
- Strong scripting skills in Python, especially for log parsing and automation.
- Experience with syslog protocols (Syslog, Syslog-ng, Rsyslog) and log forwarding tools (e.g., Filebeat, Logstash).
- Good understanding of network protocols, firewalls, and secure communication (HTTPS, TLS).
- Familiarity with SIEM platforms and log correlation concepts.
- Ability to troubleshoot connectivity and data parsing issues across diverse environments.
- Strong communication and customer-facing skills.

Preferred Qualifications:
- Experience with Inopli SIEM or similar SaaS-based SIEM platforms.
- Knowledge of cloud environments (AWS, Azure, GCP) and their logging mechanisms.
- Exposure to onboarding logs from security tools (firewalls, EDR, antivirus, etc.).
- Familiarity with REST APIs and JSON data formats.
We are looking for a dynamic and detail-oriented Command Center Incident Response Engineer to join our 24x7 Security Operations team. The ideal candidate will have hands-on experience in incident response, network security administration, and Wintel (Windows + Intel) security operations at an L2 level. This role is critical in ensuring real-time monitoring, triage, and resolution of security incidents across enterprise environments.

Key Responsibilities:
- Operate within a 24x7 Command Center environment to monitor and respond to security alerts and incidents.
- Perform L2 triage and analysis of security events using SIEM, EDR, and other monitoring tools.
- Escalate and coordinate with L3 teams for complex incidents and threat containment.
- Administer and troubleshoot Windows Server environments, Active Directory, and related services.
- Support network security operations including firewall rule reviews, VPN troubleshooting, and IDS/IPS monitoring.
- Maintain incident response documentation, shift handover reports, and playbooks.
- Collaborate with IT infrastructure teams to ensure timely patching and vulnerability remediation.
- Participate in periodic threat hunting and proactive security assessments.
- Ensure compliance with internal security policies and external regulatory requirements.

Required Skills & Qualifications:
- 3-5 years of experience in a Security Operations Center (SOC) or Command Center environment.
- Strong understanding of Windows Server administration (L2 level) including AD, GPO, DNS, DHCP.
- Hands-on experience with network security tools and concepts (firewalls, proxies, IDS/IPS, VPNs).
- Proficiency with SIEM platforms (e.g., Splunk, QRadar, Sentinel) and EDR solutions.
- Familiarity with incident response frameworks (e.g., NIST, SANS).
- Ability to analyze logs, network traffic, and endpoint data to identify and respond to threats.
- Strong communication skills and ability to work in a high-pressure, fast-paced environment.

Preferred Certifications:
- Security+
- CEH
- Microsoft Certified: Security Operations Analyst Associate
- ITIL Foundation
- CCNA Security
- MCSA: Windows Server
Role & responsibilities

We are seeking a skilled and detail-oriented ConnectWise Administrator to manage, maintain, and optimize our ConnectWise platform. This role is critical in ensuring the efficiency and effectiveness of our service delivery, ticketing, automation, and reporting processes. The ideal candidate will have hands-on experience with ConnectWise Manage, Automate, and related modules, and will work closely with cross-functional teams to support business operations.

Key Responsibilities:
- Administer and maintain the ConnectWise suite (Manage, Automate, Control, etc.).
- Configure workflows, service boards, SLAs, and automation rules to streamline operations.
- Manage user roles, permissions, and security settings.
- Develop and maintain dashboards, reports, and KPIs for various departments.
- Integrate ConnectWise with third-party tools and platforms (e.g., QuickBooks, IT Glue, RMM tools).
- Provide training and support to internal users and ensure best practices are followed.
- Troubleshoot and resolve system issues, working with ConnectWise support as needed.
- Participate in system upgrades, testing, and documentation.
- Continuously evaluate and improve system performance and user experience.

Qualifications:
- Proven experience as a ConnectWise Administrator or similar role.
- Strong knowledge of ConnectWise Manage and Automate.
- Experience with scripting (PowerShell, SQL) is a plus.
- Familiarity with ITIL processes and MSP operations.
- Excellent problem-solving and analytical skills.
- Strong communication and documentation abilities.
- Ability to work independently and collaboratively in a fast-paced environment.

Preferred Certifications:
- ConnectWise Certified Professional (Manage/Automate)
- ITIL Foundation Certification
- Microsoft or CompTIA certifications (optional)
The Senior Help Desk Manager will serve as the strategic liaison between customers, internal helpdesk support teams, and multiple backend service vendors. This role is responsible for ensuring seamless coordination across all stakeholders to deliver a consistent, high-quality technical support experience. The individual will leverage strong enterprise IT expertise to drive operational excellence, optimize processes, and foster customer satisfaction.

Key Responsibilities:

Vendor Management:
- Oversee and manage relationships with all helpdesk service vendors.
- Ensure compliance with SLAs, performance benchmarks, and escalation protocols.
- Conduct vendor performance reviews and implement corrective action plans where necessary.

Customer Liaison:
- Act as the primary point of contact for customers on helpdesk-related services.
- Translate client expectations into actionable plans for internal and vendor teams.
- Ensure customer issues are resolved with professionalism, urgency, and quality.

Operational Oversight:
- Lead daily operations of the helpdesk team, ensuring alignment with customer needs.
- Monitor ticket queues, response times, and resolution quality.
- Develop and implement escalation procedures for high-priority issues.

Process Optimization:
- Continuously evaluate and streamline helpdesk workflows and tools.
- Use customer feedback, operational metrics, and vendor insights to improve service delivery.
- Implement best practices for knowledge management, self-service, and automation.

Enterprise IT Perspective:
- Apply broad enterprise IT knowledge to anticipate customer challenges and design proactive solutions.
- Collaborate with internal IT and business stakeholders to ensure support services meet evolving organizational needs.
- Provide strategic input on technology roadmaps, service delivery models, and risk mitigation.

Qualifications & Skills:
- Bachelor's degree in Information Technology, Computer Science, or a related field (Master's preferred).
- 10+ years of experience in IT support operations, with at least 5 years in a leadership/management capacity.
- Proven experience managing multi-vendor helpdesk or IT service delivery ecosystems.
- Strong knowledge of ITIL frameworks, service management tools, and enterprise IT environments.
- Exceptional communication, stakeholder management, and conflict resolution skills.
- Demonstrated success in driving customer satisfaction and operational improvements.
- Strong analytical mindset with the ability to interpret metrics and implement data-driven decisions.