Location: Austin, Texas Categories: Information Technology Req ID: 15868
Overview
The SolarWinds Global Information Security team is seeking a senior security engineer who will be responsible for the day-to-day operations, liaison, maintenance, and management of the security operations center (SOC). The SOC Manager will provide leadership, coordination, and operational management of the security operations team and will lead the planning, direction, and vendor relationship between SolarWinds and the managed security services provider.
The security operations manager will be responsible for the systems and processes which support our security operations center, will lead the effort to mature our detection and response program, and will work directly with our managed detection and response vendor to ensure the goals and objectives of our program are met.
The SOC manager will serve as a senior member of our security operations center team and will be the primary interface between the SOC, incident response, security architecture and engineering, and governance, risk, and compliance teams. The ideal candidate for this role will possess the experience, and be able to fully demonstrate the ability, to provide technical and procedural leadership and to function as an escalation point for issues outside the scope of normal SOC monitoring, triage, and remediation.
Responsibilities
Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for the Security Operations Center
Serving as the senior engineer on the security operations team of globally dispersed security operations staff members
Work with Information Technology, Information Security and Security Operations Center (SOC) personnel to operate and maintain Threat Monitoring solutions and to create an auditing and logging strategy
Guiding the managed security service provider and other information security partners to validate the appropriate identification, investigation, response and remediation are on track.
Ensuring compliance with established SLAs and being responsible for adhering to established SOC best practices, processes, and standards
Revising and developing processes to strengthen the security operations framework, review policies, and highlight any issues with managing Service Level Agreements (SLA).
Developing use cases for security monitoring that include assessing threats, developing threat models, and understanding threat vectors that feed back into the security monitoring processes.
Responsible for integration of standard and non-standard logs in SIEM
Creation of reports, dashboards, metrics for SOC operations and presentation to key stakeholders
Drive the implementation of new information security monitoring use cases into the managed security services provider baseline
Qualifications
5+ years working within the information security field, with emphasis on security operations, incident management, intrusion detection and security event analysis
3+ years of experience leading or serving as a senior member of a security operations team
Technical and industry certifications or equivalent experience are a plus (CISA, CISM, CISSP, GIAC)
Knowledge of current and emerging technologies and tactics used within a SOC and how they can be applied to improve efficiency and effectiveness
Working knowledge of SIEM technologies such as Splunk ES or McAfee ESM, or a product-specific certification
Solid understanding of cybersecurity "best practices" including principles, security protocols and standards material such as OWASP Top 10 and SANS Critical Security Controls
Broad understanding of the cyber security threat landscape and the tools, techniques and tactics of threat actors.
Solid understanding of the life cycle of network threats, attacks, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures
Experience with on-premises and cloud-based security technologies such as data loss prevention, endpoint security, log and event analysis, user behavior analytics, next-generation firewalls, and file integrity monitoring.
Excellent written and oral communication skills, with the ability to communicate effectively with information technology professionals as well as senior management, auditors, assessors, consultants, and customers
Ability to work independently with minimal direction and to collaborate effectively with local and remote teams using a customer-first mindset and approach
SolarWinds is an Equal Employment Opportunity Employer. SolarWinds will consider all qualified applicants for employment without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity, marital status, disability, veteran status or any other characteristic protected by law.