Service Manager - Cyber Security Operation Center
- Full Time
A member of SI Group, SI Cyber is a leading Managed Security Services Provider and we are driven by a desire to offer our clients the highest degree of protection against today’s cyber threats.
We protect all IT assets including virtual assets, cloud and traditional infrastructure using our team of over 100 dedicated security experts across our Security Operation Centers in London, Dubai, Doha, Pune and Riyadh. We service more than 120 clients, ranging from banks to heads of state, whose networks and offices are spread around the world.
We are looking for an experienced IT Security Analyst with Service Management, Business Analytics and Reporting, and Cyber Security Operation Center skills. The candidate shall ensure that the SOC team is performing its functions as required, shall troubleshoot problematic incidents and events, and shall be capable of providing analytics and reporting for security events. In summary, the candidate shall also act as the lead technical SME and perform the following:
- IT Security Analytics: The candidate shall be able to perform cyber security investigations using SOC analysis tools and techniques and shall be able to provide security incident handling;
- Business Intelligence: The candidate shall be able to prepare, independently, reports, visualisations and presentations on technical security metrics. This will include the use of analytics tools, advanced Excel, VB script, macros, API development and the like;
- Security Operation Center Management: The candidate must have experience in managing teams of analysts and SOC engineers for the delivery of managed security services in a multi-tenant environment. This includes core SOC operations experience in monitoring, analysis, tooling and processes. This also requires excellent written, oral and collaborative communication skills in both English and Hindi;
- Customer Service Management: The candidate must be able to provide service and account management to multiple concurrent customers and provide weekly presentations and meetings. Must have experience in managing service level assurances and KPIs.
Mandatory candidate requirements
IT Security Analysis: The candidate must have skills and experience in:
- Snort, Wireshark, Kali Linux, Microsoft ATA, Vectra or Darktrace, LogRhythm SIEM, QRadar SIEM, Carbon Black Response, Nessus, Security incident handling
Business Intelligence and Reporting: Experience in the use of business intelligence tools for statistical analysis and reporting on security-related events. Additionally, expertise in preparing professional reports in Word, PowerPoint and Excel (advanced). Minimum tool experience includes Power BI or QlikSense.
Security Operation Center Management Skills: The candidate must have experience in managing teams of analysts and SOC engineers for the delivery of managed security services. The minimum skills and expertise include:
- Configuring SIEM tools for customer onboarding
- Validating and auditing logging and troubleshooting
- Auditing and supporting Active Directory
- Development of custom parsers for LogRhythm and QRadar
- Create new content for SIEM (Rules, Lists, Queries, Use Cases)
- Conduct security incident investigations utilising the provisioned SIEM instance
- Conduct security incident investigations with demonstrated in-depth knowledge of networks, operating systems, intrusion detection systems, event logs and event correlation
- Respond to security incident and investigation requests in line with established Incident Response processes
- Identification, collection, analysis and preservation of digital evidence
- Conduct examinations of computer system logs, applications and networks to locate evidence
- Review investigation requests and determine the level of response required
- Working with other security and technical teams, identify and recommend the best methods and procedures for the preservation, recovery and presentation of computer evidence
- Managing the SOC analysts' workload
- Managing customer incidents, investigations and service requests.
Customer Service Management: The candidate shall have experience in account and service delivery management for multiple major accounts simultaneously whilst working for a major IT Service provider. Demonstrable experience in working for UK and US based customers and interacting at a senior level.
Language skills: Fluent English, both oral and written, is the primary requirement. Hindi is a requirement for daily coordination with our offshore Security Operation Centre.
Location: Shall be on call outside of business hours. Shall have experience in working in other geographic regions.
Qualifications and Educational Requirements: The candidate shall hold a first degree in computer science and shall be competent in:
- Bachelor’s Degree in Computer Science. 2:1 or above.
- Microsoft End user computing admin
- Microsoft Server admin
- Active Directory admin
Personal Attributes: We require people who are:
- Independent thinkers, who take the initiative
- Natural leaders, who can build and manage teams
- Able to share, collaborate and generally work as a team
- Humble and open to new ideas, people and varied cultures
- Able to work under pressure
Should you be interested in this vacancy, please send us your CV and covering letter by the closing date: 23rd March 2019