Director of Cyber Security Operations (SOC)

Location: Kirkland, WA
Date Posted: 01-08-2019
Job Description

Direct and lead cyber security operations to deliver on the company mission and service value for its customers, fostering the success of the SOC team by providing both strategic direction and “in the trenches” support.

Your core priorities will be to:
  • Serve as technical authority for both cyber security and computer science/engineering related inquiries as they pertain to the SOC mission
  • Communicate the SOC mission as outlined by senior leadership through clearly defined SOC objectives, directives and guidelines, in order to create efficiency and team cohesion in the execution of the company’s mission.
  • Establish standards to evaluate SOC performance, accuracy and efficiency in accordance with our goals. Create a program to gather metrics for empirical analysis of SOC product, and communicate results, recommendations and remediations to senior leadership.
  • Exhibit strong technical leadership and collaboration with other team members across remote office locations
  • Represent and communicate SOC interests and priorities in meetings and decision-making with the senior leadership team.
  • Work closely with Product Team to develop new tools, techniques, and data science processes that protect our clients
  • Provide guidance for continuous improvement of all SOC processes and reports, particularly in terms of accuracy, integrity, and efficiency
  • Work closely with SOC Manager and SOC Cyber Analysts to understand the “ground truth” of their daily work, in order to overcome obstacles, problem-solve, and assist in times of need
  • Lead by example to create an environment of trust and psychological safety within the company. Facilitate candid dialog. Foster the potential within other teammates and solicit their ideas. Invest time in coaching people individually to develop their full potential: check in on their goals, aspirations, concerns, and ideas.

KNOWLEDGE, SKILLS & ABILITIES REQUIRED
  • 8+ years hands-on experience in the Cyber Security/Information Security industry
  • 4+ years of hands-on experience in the Cyber Security/Information Security industry, AND a degree, certificate, or formal training in a cybersecurity related subject
    • Ex: Degree in Cyber Security, Information Systems Security, Information Assurance, Digital Forensics, Computer Science or other equivalent
    • Ex: Certification in an advanced cybersecurity topic, such as CISSP, CISM, CompTIA Advanced Security Practitioner, GIAC Certified Incident Handler, or other equivalent
  • Plus, be able to demonstrate:
    • Leadership experience and/or experience managing teams
    • On-the-job experience in a cyber security operations center (SOC, CSOC, or NOC)
    • Working knowledge of core cyber security concepts (Cyber Kill Chain, MITRE ATT&CK framework, Incident Handling and Incident Response processes, Intrusion Detection & Prevention, Threat Intelligence & Situational Awareness)
    • Deep understanding of network protocols: TCP/IP, UDP, ICMP, TLS/SSL, DNS, SSH, HTTP/S, SMB, NTP, DHCP, FTP, SMTP, POP3, IMAP, and SIP
    • Experience detecting and analyzing network threats: DGA, Fast Flux, Tunneling, C2, MiTM, Phishing, etc.
    • Excellent written and verbal communication and collaboration skills; confidence and capability in establishing and maintaining cross-departmental relationships and facilitating outcomes