SOC Manager

• Enhances and maintains the SOC program and executes initiatives to protect, detect and respond to security threats and incidents.  

• Responsible for a team of SOC analysts who continuously perform monitoring and triage of alerts and execute incident response playbooks.  

• Oversee activities of service providers to deliver effective and efficient SOC operations while ensuring fulfilment of SLAs 

• Review and enhance policies, procedures and playbooks to ensure adequate detection, prevention and incident response levels. 

• Review and continuously enhance SOAR playbooks. 

• Leads cyber security incident investigations and acts as Lead Incident Investigator / Manager 

• Work with vendors or consultants as appropriate for services or implementation of new technologies or enhancement of existing capabilities 

• Work with Security Engineering function to address SOC identified control gaps or solution enhancements 

• Collaborate with the Cyber Threat Intel and Red Team functions to identify priority detection and prevention enhancement across the control and security solutions environment 

• Work with Cyber & Information Security management to continue to mature the SOC  

• Plan and execute regular incident response and tabletop exercises. 

• Develop and maintain objectives, trend analysis, metrics and KPIs supporting the department’s strategic direction and continuously improve SOC capabilities 

• Advise management on cybersecurity tool selection to satisfy SOC functions and to address security gaps 

Skills & Experience  

• The successful candidate will have experience of operating in a technically complex, fast changing and dynamic environment.   

• The ideal candidate will have a genuine passion for Cybersecurity, must have the ability to maintain composure under pressure and work calmly during an emergency.   

• Solid grasp of common cyber frameworks and models such as NIST, the MITRE ATT&CK, D3FEND, Cyber Kill Chain and modern penetration testing techniques 

• Solid understanding of incident response processes, workflows, communications and reporting, analytical issues and cross-department collaboration 

• Experience working in a security operations center, red team or blue team operations and ability to think both like an attacker and defender 

• Strong leadership and communication skills with senior management 

• Excellent organizational skills with ability to handle multiple high visibility issues simultaneously 

• Familiarity of the cyber threat landscape including threat actors, tactics, tools and procedures, and effective countermeasures. Additionally, knowledge of common techniques used by malware and threat actors 

• Deep technical understanding of SIEM, SOAR, EDR, NDR, firewalls, IDPS, WAF, load balancing, network, web and email security tools with a variety of enterprise IT and cloud-based architectures and technologies, such as networking, server infrastructure, operating systems, web applications, databases and containerization. 

• Be a self-starter, work independently and able to quickly adjust to changing priorities 

• Strong verbal and written communication skills with ability to analyse, summarize, and communicate large volumes of information in a clear and succinct manner with careful attention to detail 

Qualifications & Experience: 

• 5+ years of technical security experience, with 3+ years of experience leading a cyber incident response or security operations team within a large enterprise organization 

• Bachelor’s degree in information security, computer science, or other related program 

• Information security related certification desired (e.g., GCIA, GCIH, GSFA, GSOC, GSOM or similar professional certifications) 

Benefits of Working in ICON: 

• Our success depends on the quality of our people. That’s why we’ve made it a priority to build a culture that rewards high performance and nurtures talent. 

• We offer very competitive salary packages. And to keep them competitive, we regularly benchmark them against our competitors. Our annual bonuses reflect delivery of performance goals – both ours and yours. 

• We also provide a range of health-related benefits to employees and their families and offer competitive retirement plans – and related benefits such as life assurance – so you can save and plan with confidence for the years ahead. 

• But beyond the competitive salaries and comprehensive benefits, you’ll benefit from an environment where you are encouraged to fulfil your sense of purpose and drive lasting change.