Manager - IT Security Operations

John Cockerill

The Role

Overview

Implement and manage Rapid7 SIEM, handling L2 security incidents and SOC monitoring.

Key Responsibilities

  • SIEM management
  • Incident triage
  • L2 response
  • Metrics reporting
  • Process improvement
  • Device installation

Tasks

  • Provide remediation advice and assist the incident response team in security incident response activities; escalate if required.
  • Add all new servers, network equipment, security tools and cloud workloads to the SIEM for incident management and monitoring.
  • Support the creation of operational documents such as use cases, play/run books and training materials for incident response, and ensure these documents are regularly updated.
  • Triage, investigate and manage ongoing security incidents escalated from the L1 team, and oversee SOC monitoring capabilities and the reporting of security-related events.
  • Support the creation of metrics and reporting, and review incident progress with the Operations Manager.
  • Responsible for L2 activities for security incidents as part of the SOC.
  • Communicate potential threats, suspicious/anomalous activity, malware, etc. to the SOC provider, and act as point of contact for John Cockerill cybersecurity issues.
  • Continuously improve processes across multiple detection sets for more efficient operations.
  • Responsible for cybersecurity incident management; own each incident through to resolution.
  • Responsible for implementing and managing the SIEM tool (Rapid7).
  • Install active devices in the data center.

Requirements

  • Windows
  • PowerShell
  • Azure
  • CISSP
  • ITIL
  • 5+ years

What You Bring

  • Excellent problem-solving skills
  • Pragmatic and solution-oriented; organized and rigorous
  • Overall 5+ years in system infrastructure, with 3+ years in security operations
  • Adaptable to working in a multi-vendor organization
  • Good oral and written communication skills
  • Very good knowledge of Windows operating systems and working knowledge of Microsoft Active Directory, ADFS, Exchange, IIS and SCCM
  • Knowledge of PowerShell scripting for the automation and management of Windows infrastructure
  • Knowledge of ITIL processes
  • In-depth knowledge of network security, endpoint security, etc.
  • Knowledge of Office 365 and Azure
  • Bachelor of Engineering
  • Cybersecurity certifications such as CompTIA+, CISSP or other specialized security certifications are an added advantage; cybersecurity fundamental concepts
  • Mandatory experience with the Microsoft security landscape, e.g. Microsoft Defender ATP, Microsoft Cloud App Security, Office ATP, Azure AD Identity Protection, Azure Security Center, Azure Sentinel
  • Knowledge of network switching: TCP/IP, subnet calculations, VLAN concepts, firewalls, NAT
  • Good knowledge of MITRE ATT&CK
  • Mandatory experience with pen test tools (PenTera, Kali Linux)
  • Administration, configuration and report writing skills in Rapid7, ArcSight, Splunk or IBM QRadar are mandatory (any one tool)
  • Minimum 5 years of relevant experience managing large Windows server-based platforms

Benefits

  • Available and flexible

The Company

About John Cockerill

  • Designs, integrates and maintains equipment across critical sectors including energy, defence, industry and infrastructure.
  • Projects range from recovery boilers, electrolyzers for green hydrogen and solar receivers to armour turrets and combat vehicles.
  • Specialisms span industrial heat recovery, defence systems, metal processing, environmental treatment and renewable energy.
  • Unusual facts: revived a 200-year-old founder's legacy, built Europe's largest industrial green-energy storage site, and acquired French military-vehicle maker Arquus.

Sector Specialisms

  • Industrial
  • Energy
  • Infrastructure
  • Chemical
  • Steelmaking
  • Petrochemicals
  • Railways
  • Ports
  • Inland waterways
  • Cement
  • Mines and quarries
  • Conventional energy
  • Renewable energy
  • Nuclear energy
  • Aerospace
  • Food processing
  • Plastics
  • Mining
  • Maritime
  • Marine