SOC Chief Advisor (R-00071)

SOC Chief Responsibilities

• Monitor Security Events: Keep an eye on security events and alerts generated by security tools (e.g., SIEM, firewalls, IDS/IPS) to detect potential threats.
• Incident Triage: Analyze and assess alerts to determine if they indicate genuine threats and classify the severity of incidents.
• Escalation Procedures: Define escalation protocols for various threat levels and ensure timely communication to senior security teams or external response teams if needed.
• Investigation: Lead or assist in the investigation of security incidents to understand the root cause and scope.
• Threat Analysis: Stay informed about emerging cyber threats, vulnerabilities, and attack trends. Analyze data from threat intelligence feeds and threat-hunting activities.
• Contextualize Alerts: Provide actionable intelligence by adding context to alerts based on the latest threat landscape.
• Research New Attack Techniques: Stay current on new attack vectors (e.g., zero-day vulnerabilities, advanced persistent threats).
• Log Analysis: Review and analyze logs from various sources (firewalls, routers, servers, endpoints) to identify patterns and anomalous behavior.
• Vulnerability Management: Assist in monitoring and identifying vulnerabilities, ensuring that patches and security updates are applied timely.
• Compliance Monitoring: Ensure that the organization adheres to relevant industry standards and regulatory requirements (e.g., GDPR, HIPAA, PCI-DSS).
• Reporting: Provide regular reports to stakeholders on security incidents, vulnerabilities, and performance of the SOC. Prepare post-mortem reports after an incident to highlight lessons learned.
• Risk Assessment: Help assess risks and security gaps in existing security frameworks, recommending improvements where necessary.

SOC Chief Requirements

• Bachelor's degree in Computer Science, Information Systems, or a related field (or equivalent experience). 
• Proven experience (6+ years) in program management for Security Operations Centers and Information Technologies projects. 
• Strong knowledge and understanding of SOC operations, information security principles, and best practices. 
• Proficiency in Splunk architecture or alternate Splunk experience. 
• Excellent project management skills, including the ability to prioritize tasks, manage resources, and meet deadlines. 
• Solid understanding of project management methodologies and frameworks. 
• Exceptional communication and interpersonal skills, with the ability to effectively engage with stakeholders at all levels. 
• Strong analytical and problem-solving abilities. 
• Project/program management and/or technical certifications, such as PMP, CISSP, or CISM are highly desirable. 
• Proven experience in leading and managing complex cybersecurity projects. 
• Familiarity with other security technologies and tools, such as SIEM, IDS/IPS, and vulnerability management. 
• Experience in managing and mentoring project teams, ensuring high performance and accountability. 
• Knowledge of regulatory compliance frameworks, such as GDPR, HIPAA, or PCI DSS. 
• Ability to adapt to changing priorities and thrive in a fast-paced, dynamic environment. 
• Strong leadership skills and the ability to influence and motivate team members. 
• Attention to detail and a commitment to delivering high-quality results. 
• Embody a leadership philosophy rooted in collaboration, mentorship, innovation, and accountability.