SOC Manager

• Enhances and maintains the SOC program and executes initiatives to protect, detect and respond to security threats and incidents.  

• Responsible for a team of SOC analysts who continuously perform monitoring and triage of alerts and execute incident response playbooks.  

• Oversee activities of service providers to deliver effective and efficient SOC operations while ensuring fulfilment of SLAs 

• Review and enhance policies, procedures and playbooks to ensure adequate detection, prevention and incident response levels. 

• Review and continuously enhance SOAR playbooks. 

• Leads cyber security incident investigations and acts as Lead Incident Investigator / Manager 

• Work with vendors or consultants as appropriate for services or implementation of new technologies or enhancement of existing capabilities 

• Work with Security Engineering function to address SOC identified control gaps or solution enhancements 

• Collaborate with the Cyber Threat Intel and Red Team functions to identify priority detection and prevention enhancement across the control and security solutions environment 

• Work with Cyber & Information Security management to continue to mature the SOC  

• Plan and execute regular incident response and tabletop exercises. 

• Develop and maintain objectives, trend analysis, metrics and KPIs supporting the department’s strategic direction and continuously improve SOC capabilities 

• Advise management on cybersecurity tool selection to satisfy SOC functions and to address security gaps 

Skills & Experience  

• The successful candidate will have experience of operating in a technically complex, fast changing and dynamic environment.   

• The ideal candidate will have a genuine passion for Cybersecurity, must have the ability to maintain composure under pressure and work calmly during an emergency.   

• Solid grasp of common cyber frameworks and models such as NIST, the MITRE ATT&CK, D3FEND, Cyber Kill Chain and modern penetration testing techniques 

• Solid understanding of incident response processes, workflows, communications and reporting, analytical issues and cross-department collaboration 

• Experience working in a security operations center, red team or blue team operations and ability to think both like an attacker and defender 

• Strong leadership and communication skills with senior management 

• Excellent organizational skills with ability to handle multiple high visibility issues simultaneously 

• Familiarity of the cyber threat landscape including threat actors, tactics, tools and procedures, and effective countermeasures. Additionally, knowledge of common techniques used by malware and threat actors 

• Deep technical understanding of SIEM, SOAR, EDR, NDR, firewalls, IDPS, WAF, load balancing, network, web and email security tools with a variety of enterprise IT and cloud-based architectures and technologies, such as networking, server infrastructure, operating systems, web applications, databases and containerization. 

• Be a self-starter, work independently and able to quickly adjust to changing priorities 

• Strong verbal and written communication skills with ability to analyse, summarize, and communicate large volumes of information in a clear and succinct manner with careful attention to detail 

Qualifications & Experience: 

• 5+ years of technical security experience, with 3+ years of experience leading a cyber incident response or security operations team within a large enterprise organization 

• Bachelor’s degree in information security, computer science, or other related program 

• Information security related certification desired (e.g., GCIA, GCIH, GSFA, GSOC, GSOM or similar professional certifications) 

Benefits of Working in ICON: 

• Our success depends on the quality of our people. That’s why we’ve made it a priority to build a culture that rewards high performance and nurtures talent. 

• We offer very competitive salary packages. And to keep them competitive, we regularly benchmark them against our competitors. Our annual bonuses reflect delivery of performance goals – both ours and yours. 

• We also provide a range of health-related benefits to employees and their families and offer competitive retirement plans – and related benefits such as life assurance – so you can save and plan with confidence for the years ahead. 

• But beyond the competitive salaries and comprehensive benefits, you’ll benefit from an environment where you are encouraged to fulfil your sense of purpose and drive lasting change. 

• ICON is an equal opportunity and inclusive employer and is committed to providing a workplace free of discrimination and harassment. All qualified applicants will receive equal consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. 

• If, because of a medical condition or disability, you need a reasonable accommodation for any part of the application process, or in order to perform the essential functions of a position, please let us know through the form below.