Sr. Security Engineer

---

Job description

You will work with various internal and external SOC/TI-related stakeholders to make sure that the security posture is always being strengthened as we work to continually improve our security configurations, practices and processes. You will be responsible for controlling SOC/TI budgets and monitoring SOC/TI related costs. You must have an extremely people centric approach and must be able to perform well under pressure and in adverse situations.

Responsibilities

• Provide day-to-day management and strategic direction to the global SOC/TI teams
• Build and maintain an appropriately skilled 24x7x365 SOC/TI team by defining and implementing the team's structure, policies, processes, schedules and playbooks
• Develop and implement training plans, perform personnel reviews and personnel development activities
• Manage the team's hiring and offboarding activities
• Provide mentoring, procedural guidance, support and operational oversight for the SOC/TI team
• Set and monitor KPIs and objectives for the SOC/TI and the members in the team
• Monitor and evaluate the SOC/TI team's output then implement plans to improve capability, throughput and efficiency of the team where necessary
• Identify and remediate technology and process gaps in the SOC/TI team
• Collaborate with the Security Engineering group to ensure SOC/TI technologies are stable, scalable and performant
• Review existing SOC/TI technology and processes to ensure they are operating in the most effective way to detect, investigate, remediate and recover from security incidents
• Enable the SOC/TI team to run investigations into the root cause of security events by ensuring the team has the appropriate access to tools and resources
• Build escalation paths and foster relationships with groups the SOC/TI will interact with
• Work with various SOC/TI related stakeholders to make sure that the security posture is constantly being refined and strengthened
• Review and improve processes concerning the detection, investigation, remediation and reporting of security events through to the closure of security-related incidents
• Maintain and enhance incident handling and response policies and processes
• Drive the development and implementation of new methods for detecting attacks and malicious activities
• Conduct lessons learned sessions following live or simulated incidents to ensure continual improvements
• Applying commonly used information security standards with respect to the technology and processes used in the SOC/TI
• Produce a SOC/TI budget appropriate to current and future needs of the team
• Assist with certification program, including supporting ISO 27001, SOC 2 type II and FedRAMP activities
  

Posted By: Mark Reilly