Cyber Security Operations Job Description
Cyber Security Operations Duties & Responsibilities
To write an effective cyber security operations job description, begin by listing detailed duties, responsibilities and expectations. We have included cyber security operations job description templates that you can modify and use.
Sample responsibilities for this position include:
Cyber Security Operations Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Cyber Security Operations
List any licenses or certifications required by the position: CISSP, CEH, GIAC, SANS, CISM, GCIA, II, IAT, CSSP-A, CISA
Education for Cyber Security Operations
Typically a job would require a certain level of education.
Employers hiring for the cyber security operations job most commonly would prefer their future employee to have a relevant degree such as a Bachelor's or Master's Degree in Computer Science, Engineering, Education, Cyber Security, Information Systems, Information Technology, Technical, Information Security, Computer, or Business
Skills for Cyber Security Operations
Desired skills for cyber security operations include:
Desired experience for cyber security operations includes:
Cyber Security Operations Examples
Cyber Security Operations Job Description
- Plan, design and implement an overall risk management process for the SOC
- 8+ years of relevant experience in supporting critical security based applications
- Experience in process improvement projects and/or re-engineering and ability to build strong partnerships across multiple technology teams
- Document or enhance existing operational documentation for Production Management Teams with minimal supervision
- Lead a team of Operations Analysts focused on detection of cyber security events, management of detection infrastructure, and response to global cyber security incidents
- Solid communication skills are required; must be able to adjust communication style according to audience
- Document run-books for execution by the SOC
- Threat Intelligence reports on criminal groups targeting YNAP
- Monitors and analyzes log events generated from a variety of platforms including SIEM, IDS/IPS, Firewalls, WAFs, AntiVirus, application logs and Mobile Threat Defense Applications
- Investigates and determines if risk is present based on alerts
- Strong technical background with core security technologies such as firewall, anti-virus, SIEM, IDS/IPS, vulnerability scanning
- Must possess broad knowledge relating to IT
- Must have or be able to qualify for required security clearances
- The candidate must have excellent technical, communication (verbal and written) and time management skills; the ability to visualize and execute projects is essential
- Demonstrated experience leading security operations centers with globally distributed teams
- This role will have supervisory responsibilities
Cyber Security Operations Job Description
- Analyzes, documents, remediates, or escalates events
- Participates in incident response activities
- Performs actions and develops reports for escalation of security events or investigations
- Monitors key controls and/or systems and performs updates as required
- Maintain a working relationship with a 24x7 external cyber intelligence and threat monitoring service (MSSP)
- Respond to and manage security events. Engage in security investigations and use tools to identify and report the outcomes of incidents to senior management
- A proven track record of delivering new capability alongside uplifting existing capability
- Significant business experience at a senior management level
- Outstanding leadership qualities with the ability to seek out new opportunities
- The ability to advise and make priority decisions in a fast paced, often constantly evolving operational environment
- Motivated self-starter with the proven ability to
- GCIH, CSIH, or GCIA Certifications
- BA or BS degree in Information Technology, Computer Science, Computer Engineering, or Cyber Security preferred
- CISSP, CEH, or other similar certification preferred
- Must have 2-4 years’ experience supporting or troubleshooting information security applications
- 2+ years’ experience in health and performance monitoring, dashboard technologies
Cyber Security Operations Job Description
- Providing expert Cyber Security guidance across the Society
- Supporting our suppliers and third parties in understanding and managing the Cyber risk to our appetite and expectation
- Acts as technical author and reviewer for incident, alert, vulnerability reports, and threat advisories
- Plan, facilitate and attend regular meetings relating to the Security services and the interaction between other SOC and wider technical areas
- Manage the design, development, implementation and support of all components within the Regional Security Operations Center
- Manage existing metrics program
- Assist in the development of content for the SIEM by engaging the STS Intel Team, Advisory for Threat Intel, and other SOC groups
- Manage outsourced and in-house SOC services for quality performance and fulfilment of Service Level Agreements (SLA)
- Performs daily response operations with a schedule that may involve nontraditional working hours
- Manage and maintain 24/7 cyber security operations solutions, services, and resources
- BS/BA degree or equivalent experience desired
- Leadership experience in Security with a focus on security tool technology, security management and policy enforcement
- Programming and scripting skills (Python, BASH, SQL)
- 35 Joint Strike Fighter program a plus
- On-call work in a 7x24 Operations Center
- Bachelor’s degree in the field of computer science, information systems, or software engineering, with a minimum of 8 years equivalent work experience preferred
Cyber Security Operations Job Description
- Ensure high-availability service levels, fulfillment of business service levels, and operations support objectives
- Oversee the development and maintenance of cyber security operations processes, standards, and architectures
- Direct assessments of mixed platform environments including systems, networks, databases, and applications
- Lead change management, operational readiness, and performance delivery for cyber security solutions
- Direct maintenance, support, administration, break/fix remediation (including root cause analysis), availability/capacity reporting, and health/performance monitoring
- Oversee the collection and management of metrics to ensure effective/efficient cyber security operations
- Research, evaluate, and recommend new security technologies, processes, and methodologies
- Assist with the development and management of budget, technology, service, and solution/vendor roadmaps
- Manage a Security Operations Support team, specializing in Security Systems and Industry Best Practices
- Hire and retain the Security Support personnel now and planning for future business needs
- Experience of at least one SIEM tool
- Splunk SIEM experience
- Working knowledge of at least one public/private cloud platform
- A desire to move into a team management role
- Close engagement with operational security teams
- Enterprise clouds security best practices
Cyber Security Operations Job Description
- Recommend and implement improvements to security services
- Builds processes to monitor and analyze log events generated from a variety of platforms including the SIEM, escalated/privileged access tracking, IDS/IPS, Firewalls, WAFs, AntiVirus, application logs and Mobile Threat Defense Applications
- Serves as an escalation point for security events
- Documents and participates in incident response activities
- Reviews reports and further develops investigations for escalation of security events
- Trains and mentors CSOC analysts
- Hands-on capabilities in implementing and integrating Cyber-Security tools and technologies at customer sites
- Work closely with the R&D teams that develop proprietary Cyber-Security tools, and integrate them at customer sites, local and abroad
- Willing to travel abroad to various customer sites (Data Centers, R&D sites, production sites …)
- Interprets and disseminates PKI policy to subordinate personnel
- Very solid experience using, supporting, and deploying security testing and analysis tools, development of threat assessments and security testing methodologies
- Proficient in MS Office applications (Outlook, Word, Excel, VISIO)
- Bachelor's degree in Cyber, Computer Science, Computer Information Systems, Information and Technology Systems, Math or Science or related discipline
- Must be available to collaborate with the SOC Managers in EMEA and the US as necessary
- Experience with validation and verification, security test, and evaluation of IA controls
- Experience with Enterprise Mission Assurance Support Service (eMASS) Navy database and manual and automated vulnerability test and evaluation for information systems, software applications, and laboratories