Match score not available

XTN-A6D0249 | SOC MANAGER (INCIDENT HANDLING TEAM) - REMOTE

Remote: 
Full Remote
Contract: 
Experience: 
Expert & Leadership (>10 years)
Work from: 

Offer summary

Qualifications:

At least a Bachelor's Degree in Computer Science or related field, 10+ years of incident handling and response experience with knowledge in network security, system security, threat vectors, SIEM, and forensics.

Key responsabilities:

  • Directing incident handlers, responders, and examiners
  • Reviewing investigative cases and serving as an escalation point for major incidents
  • Maintaining team training, career development plans, and overseeing all incident handling procedures
  • Collaborating with stakeholders, leading critical investigations, and providing incident summary reports
KMC Solutions logo
KMC Solutions Real Estate Management & Development Large https://kmc.solutions/
1001 - 5000 Employees
See more KMC Solutions offers

Job description

The Purpose Driven Career Objectives of a Network /System / Database Administration at KMC:

Nuspire is a leading managed security services provider (MSSP) founded over 20 years ago to revolutionize the cybersecurity experience by taking an optimistic and people-first approach. Our deep bench of cybersecurity experts uses world-class threat intelligence as part of a Fusion Center to detect, respond, and remediate advanced cyber threats. 

 

Position Description:

 

The Incident Handling Manager directs the team of incident handlers, incident responders, and forensics examiners by way of mentoring, capacity management, performance management, and incident review. The Incident Handling manager partners with other Fusion Center areas and leaders to assist with incident investigation, collaboration, and communication.

 

As the Incident Handling Manager, you will be expected to understand and have deep experience in incident response and forensics. In this position, you will be reviewing investigative cases to ensure that processes are followed as well as serving as an escalation point for your team for customer interactions and declaring major incidents. This opportunity may require shift work and the ability to be available on[1]call on nights, weekends, and holidays.

 

The ideal candidate will have 10+ years of incident handling and response experience. They should have in-depth technical knowledge of network security, operating system security, vulnerability management, common attacker techniques and vectors, and SIEM. They should have direct experience in leading critical investigations. They should have experience in writing technical investigation reports as well as incident summary reports for leadership. They should have experience managing teams of 10 or more people and providing mentorship. 

To apply for Network /System / Database Administration, you are excellent at:
  • Providing day-to-day oversight of incident handling, incident response, and forensics teams
  • Reviewing all incidents and participate in shift turnover meetings
  • Maintaining and enhance team training program
  • Maintaining and enhance career development and advancement plans
  • Managing multiple priorities and projects at once
  • Being responsible for overall ownership of all playbooks, procedures, and workflows pertaining to incident handling and forensics
  • Serving as a subject matter expert as it pertains to incident handling and incident response processes
  • Collaborating with SIEM team to drive down false positives of alerts
Your Success Profile includes:
  • At least 10 years of security experience
  • Advanced incident investigation and response experience
  • Advanced log parsing and analysis skill sets
  • Advanced knowledge of networking fundamentals
  • Moderate knowledge of Windows, Linux/Unix, and Mac operating systems
  • Moderate knowledge of network defenses such as firewalls, IDS/IPS, proxies
  • Moderate knowledge of forensic techniques
  • Moderate knowledge of audit requirements (PCI, HIPAA, SOX, NYDFS, etc)

 

Preferred Skills:

  • The ability to communicate technical and security topics to executive leadership
  • Advanced understanding of the TCP/IP packet framework
  • Advanced understanding of MITRE ATT&CK and Cyber Kill Chain frameworks
  • Ethical hacking/penetration testing experience · Attacker mindset
  • Moderate understand of different cryptographic algorithms
  • Experience in multiple roles in incident response
  • Ability to explain technical security events to non-technical audiences
  • Understanding of cyber fraud and the attack vectors

 

Education/Certifications/Training Required:

  • Bachelors’ Degree in Computer Science, Information Security Assurance, or equivalent experience

 

Education/Certifications/Training Preferred:

  • GIAC, GCIH, GMON, OSCP, CEH, CEPT
  • CCNA, CCNP
  • CISSP

Required profile

Experience

Level of experience: Expert & Leadership (>10 years)
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Other Skills

  • Time Management
  • Communication
  • Leadership
  • Mentorship
  • Collaboration
  • Team Management

Related jobs