Job
Description
We are looking for a highly skilled and experienced Senior Security Operations Centre (SOC) Manager with a focus on SIEM tools to join our security team. As a SIEM Tools Specialist, you will be responsible for monitoring and analysing security events for multiple clients utilising our SIEM tool. You will undertake timely and accurate detection, investigation, and response to security incidents. In this role, you will collaborate closely with other security professionals, including threat hunters, incident responders, and forensic analysts, to ensure that the security operations centre (SOC) is always operational and that all security incidents are handled in a timely and effective manner to meet SLAs. You will also be responsible for ensuring that the SIEM tool is properly configured, managed, and optimised to meet the clients security requirements. Key Responsibilities: Security Event Analysis: Lead the analysis and investigation of information security events (IDS/DLP/SIEM/etc.) in a 24x7 SOC environment to swiftly detect, verify, and respond to cyber threats, while eliminating false positives. Technical Escalation: Serve as a technical point of escalation for complex security issues. Incident Investigation: Investigate incidents, analyze attack methods, research new defense techniques and tools, develop security policies, and document SOC procedures. Configuration Management: Maintain baselines for secure configuration and operations. Malware & Attack Analysis: Conduct malware analysis and other attack analyses to extract indicators of compromise and perform data security event correlation across various systems. Reporting: Prepare reports, summaries, and other forms of communication for both internal and client-facing purposes. SLA Compliance: Ensure compliance with SLAs, process adherence, and process improvement to achieve operational objectives. Process Development: Develop and deploy processes to ensure efficient and effective security operations. Mentorship: Provide guidance and mentorship to other security analysts and junior members of the security team. Continuous Learning: Stay up-to-date with the latest trends and best practices in cybersecurity and SIEM tools. Qualifications: Proven experience in a similar role within a SOC environment. Strong analytical and problem-solving skills. Proficiency with IDS, DLP, SIEM, and other security tools. Excellent communication skills, both written and verbal. Ability to work in a fast-paced, 24x7 environment. Strong understanding of security policies and procedures.
