SOC Manager

Description:

Working in conjunction with the CISO, the Security Operations Center Manager will be responsible for developing & managing internal security operations tasks and Analysts for an emerging Security Operations Center. The SOC Manager will be responsible for the technical and process direction of the Security Operations Center, providing direction to the analysts as well as acting as a liaison to other teams within SPARQ Global. As the SPARQ Global cybersecurity team grows, the Security Operations Center will ultimately be responsible to provide 24x7x365 continuous investigation of correlated security event feeds and the appropriate triage and escalation in case of an identified security incident. The Security Operation Center will be the primary contact for any suspected security incident and will handle all Incident Response capabilities for resolving incidents and remediating threats across the SPARQ Global internal and customer environments.

Responsibilities:

• Responsible for security analysis, triage and escalation procedures, workflows and tasks

• Leadership for the expansion and growth of the SOC, driving integration of new products and services

• Ensure that Standard Operating Procedures are being created and followed by the team

• Identify opportunities to improve security monitoring and operational tasks

• Evaluate existing SIEM rules, filters, events and use cases and adapt to meet business requirements

• Ensure that Service Level Agreements are defined, tracked and met

• Develop measurement capabilities and metrics to track and communicate performance, coverage and risk.

• Maintain awareness of trends in security regulatory, technology, and operational requirements

• Develop, mentor and guide SOC Analysts and perform knowledge transfer to other teams as required

• Serve as team leader and mentor, defining and driving goals and performance for SOC analysts

• Work with outside teams in the development of a comprehensive set of operational security policies and standards designed to permit the organization to achieve its business objectives while effectively managing security and compliance requirements 

Desired Experience/Qualifications:

• Bachelor s Degree

• Professional certifications such as CISSP, CISM, SANS GIAC/GCIH

• 3+ years managing a Security Operations Center

• 5+ years working within the information security field, with emphasis on security operations, incident management, intrusion analysis

• SOC automation development and cloud operations (e. g. AWS) experience

• In-depth familiarity with security policies based on industry standards and best practices (e.g., NIST, ISO, HIPAA, GDPR)

• Thorough knowledge of open-source and proprietary SIEM and cybersecurity technologies

• Experience in designing and building security operations centers, incident management process development and incident management experience

• Experience with security device installations, configuration and troubleshooting (e. g., firewall, IDS, etc.)

• Ability to lead and communicate efficiently within a team environment

• Great customer service skills

• Advanced technical writing skills

• NOTE: Salary requirements MUST be provided. Responses without requirements will not be considered.

Location

Virginia Beach, Virginia

SOC Analyst III

Description:

Working with the SOC Manager, the Analyst will be responsible for developing & performing internal and customer security operations tasks within a new Security Operations Center buildout. The Analyst will be responsible for delivering the capabilities of the SOC, working with other Analysts, the management team, and vendor Tier I support to resolve incidents, as well as acting as a liaison within SPARQ Global. As the SPARQ Global cybersecurity team grows, the Security Operations Center will ultimately be responsible to provide 24x7x365 continuous investigation of correlated security event feeds and the appropriate triage and escalation in case of an identified security incident. The Security Operation Center will be the primary contact for any suspected security incident and will handle all Incident Response capabilities for resolving incidents and remediating threats across the SPARQ Global internal and customer environments.

Responsibilities:

• Responsible for security analysis, performance of triage and escalation procedures, workflows and tasks
• Participates and completes tasks associated with the implementations for systems and network security technologies; executes testing plans; coordinates and prepares reporting of data security events and incidents; provides system and network architecture support; provides technical support to business and technology associates
• Provides incident response and trouble resolution on complex issues
• Performs system and network upgrade tasks
• Designs and analyzes vendor services and information security requirements; maintains relationship with key vendors
• Participates and completes lights-on initiatives to consolidate equipment and/or implement business requirements
• Performs complex configuration changes to meet business and information security requirements
• Performs capacity analysis; recommends and implements capacity increases and additional support needs
• Responds to Level 3 and 4 change and problem requests; leads Level 1 and 2 incident recoveries and root cause analysis
• Develop, mentor and guide junior SOC Analysts and perform knowledge transfer to other teams as required

Desired Experience/Qualifications:

• Bachelor s Degree
• Professional certifications such as CISSP, CISM, SANS GIAC/GCIH
• 3+ years working within a Security Operations Center
• 5+ years working within the information security field, with emphasis on security operations, incident management, intrusion analysis
• SOC automation development and cloud operations (e. g. AWS) experience
• In-depth familiarity with security policies based on industry standards and best practices (e.g., NIST, ISO, HIPAA, GDPR)
• Thorough knowledge of open-source and proprietary SIEM and cybersecurity technologies
• Experience with incident management process development and incident management experience
• Experience with security device installations, configuration and troubleshooting (e. g., firewall, IDS, etc.)
• Ability to work and communicate efficiently within a team environment
• Great customer service skills
• Advanced technical writing skills
• NOTE: Salary requirements MUST be provided. Responses without requirements will not be considered.

Location

Virginia Beach, Virginia