Security Operations Center Manager Job Description
Security Operations Center Manager Duties & Responsibilities
To write an effective security operations center manager job description, begin by listing detailed duties, responsibilities and expectations. We have included security operations center manager job description templates that you can modify and use.
Sample responsibilities for this position include:
Security Operations Center Manager Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Security Operations Center Manager
List any licenses or certifications required by the position: CISSP, ITIL, CISM, GSEC, SIEM, ISSEP, ISSAP, GCIA, SEC503, GCED
Education for Security Operations Center Manager
Typically a job would require a certain level of education.
Employers hiring for the security operations center manager job most commonly prefer that their future employee have a relevant degree, such as a Bachelor's and Master's Degree in Computer Science, Education, Management, Engineering, Criminal Justice, Business, Computer Engineering, Information Security, Information Systems, Information Technology.
Skills for Security Operations Center Manager
Desired skills for security operations center manager include:
Desired experience for security operations center manager includes:
Security Operations Center Manager Examples
Security Operations Center Manager Job Description
- Understand the internal SOC technologies and security feeds (firewall, router, switch) for device upgrades and patches for remediation and eradication procedures
- Analyze and evaluate network, system, and security alerts performing triage to include determining scope, urgency and potential impact, identifying the specific vulnerability
- Ensure adequate/skilled staffing
- Lead and develop a well-trained SIOC Team with core competencies necessary to manage risk, stay ahead of security threats or position team to effectively mitigate risk
- Lead the response to significant security incidents, ensuring the SIOC team's effective response
- Provide oversight for and ensure completion of routine activities related to travel, event, and executive security
- Oversee all enterprise-wide incident reporting, including review for compliance with established standards and appropriate follow up activities
- Responsible for administrative and other support duties, to include scheduling, training, onboarding, and collection of metrics
- Monitor ticket age and total on a daily basis
- Delegate unassigned newly submitted tickets to analysts keeping in mind current workloads and availability
- Familiarity with industry standard frameworks (NIST, ISO, PCI)
- Results-driven individual who can manage multiple complex assignments, manage assignments based on criticality, in a timely and professional manner
- Ability to manage expectations with multiple stakeholders on projects and programs in conjunction with information security team
- Demonstrated personal integrity, the ability to professionally handle confidential matters and exhibit the appropriate level of judgment and decision making commensurate with the position and responsibilities
- Deep understanding of measurement and the key performance indicators for successful operations center environments
- Outstanding communication capabilities, written and oral, with an emphasis on prompt, transparent and appropriate targeting for incident related notifications
Security Operations Center Manager Job Description
- Be aware of all major incidents/tickets currently ongoing and ensure that they are properly handed off between analysts coming on and off weekends and overnights
- Be familiar with the service level agreements (SLAs) and the proper response times to call customers back on assigned tickets
- Notify management/incident handling when tickets have failed an SLA
- Look at available personnel resources on a daily basis to assess availability
- Examine ticket audit trail for incidents
- Maintain knowledge of applicable service level agreements and contracts/solutions for clients
- Monitor and report to management long term trends of SME ticket escalations and consultations
- Provide advice on potential process improvement for general ticket and queue management
- Track and report on training of new hires and current hires who are being retrained on specific skills
- Maintain operational skill-set for all supported clients/solutions while also performing queue manager job functions
- Experience coordinating delivery of projects
- Experience presenting project plans to senior leadership
- Experience communicating across a diversity of areas (e.g., legal, regulatory, finance, PR, external industry groups)
- Monitor email inboxes, work order service requests, and all communications devices
- Bachelor’s degree in a technical field such as Computer Science, Information Security, Information Technology, Computer Engineering, Information Systems
- Experience with scripting languages, Python, JavaScript, Perl
Security Operations Center Manager Job Description
- Oversees resolution of day-to-day operations issues to ensure user, business and production requirements are met
- Will participate in the recruitment for and ongoing leadership of graduate and undergraduate students
- Develop and maintain Standard Operating Procedures for security analyst roles and responsibilities
- Develop processes that analyze data and produce accurate, meaningful, easily interpreted results based on user requirements and use cases
- Conduct product evaluations of security technologies as directed
- Ability to manage a small team of people and drive process improvement in the SOC
- Develop policies, procedures and standards that meet existing and newly developed policy and regulatory requirements including SOX, PCI and HiTrust
- Assist in the selection and tailoring of approaches, methods and tools to support SOC offerings
- Actively participate in decision making with leadership and seek to understand the broader impact of current decisions
- Play substantive role in the training and development of staff/SOC analysts
- Proficient in German and English language
- 7 years of relevant experience with a combination of functional technical experience with aspects of major enterprise business systems and related technologies experience in a management and leadership role
- 4-year college degree, preferably in IT Security, Information Systems or IT related fields
- Broad information cybersecurity knowledge, including familiarity with common attack methodologies, tactics and protocols, Advanced Persistent Threat groups, hacker activities
- Bachelor's degree or minimum of 3-5 years of relevant experience in physical security, risk management or law enforcement
- Experience supervising employee or non-employee teams
Security Operations Center Manager Job Description
- Manage program and processes to quickly detect, respond, and resolve security incidents
- Supervise company and managed resources across the globe and coordinate incident management
- Support and collaborate with multiple teams including NOC, OCC, Security Engineering, IAM, and Incident Response
- Establish and maintain operational SOPs in support of GSOC and security technologies
- Establish and maintain training plans and conduct ongoing training of GSOC staff
- Establish a development program to foster professional advancement of the GSOC staff
- Create specialized dashboards, reports, alerts
- Develop incident metric program and global incident reporting
- Conduct critical research related to global events that could potentially impact organization
- Manages and is responsible for the successful completion of all tasks in assigned program area including technical work, financial and business development activities
- Ability to handle heavy load in peak periods
- Experience in ticketing systems (Maximo and/or Remedy)
- Identifies trends and gaps with existing information security systems and processes
- Monitors the performance of strategic information security technology providers
- Bachelor of Science in a technical discipline or equivalent demonstrated experience and knowledge
- Demonstrated cyber incident handling experience to include the application of lessons learned
Security Operations Center Manager Job Description
- Build and operate Cyber Security Operations Center (CSOC) including outsourced Level 1 SOC and insourced Level 2 SOC function
- Contract and establish outsourced Level 1 SOC through managed security services partner
- Coordinate with Incident Response team to create post-incident feedback loop to educate SOC analysts and enhance detection capability
- Develop and maintain key cross-functional relationships with Physical Security, Product Security, IT, Legal, and other critical business unit areas
- Collaborate on and participate in tabletop Incident Response exercises
- Develops and implements GSOC-related strategic plans and projects that meet global security goals and objectives
- Leads the team on a daily basis in support of all designated GSOC tasks
- Manages individual and team efforts to consistently meet GSOC performance standards
- Develops a deep understanding of operational risks that drive appropriate response protocols that minimize Samaritan’s Purse impact
- Influences and improves existing processes through innovation and operational change
- Experience with Data Loss Prevention (DLP) tools including
- In-depth knowledge of current threat actors, techniques and trends in cyber security
- Knowledge and working experience as a user and/or admin of SIEM technology solutions
- Six (6) years of information security experience
- Four (4) years of experience working in a Security Operations Center preferred
- Understanding of security event monitoring concepts and incident response processes