Security Operations Center - Coralville, United States - ProCircular

Description

Job Description

Company Overview

ProCircular is about relationships and trust. We provide organizations with practical expertise and guidance to manage risk, improve security readiness, meet regulatory commitments, and continually address the latest cyber threats.

People are at the center of our philosophy, and quality is the cornerstone. We build trust by being approachable, realistic, and unbiased. Each client's unique goals guide our work and every project produces a tangible result and a clear roadmap. We're passionate about cybersecurity, serious about quality, built around people.

Position Summary

As the Manager of the Security Operations Center (SOC) at ProCircular, this position is responsible for delivering the technical and people leadership for our Defensive Cyber Operations (DCO) division at ProCircular. A successful candidate will have a demonstrated capacity to lead a team of highly skilled security engineers and oversee day-to-day operations for both the SOC and Incident Response (IR) teams. Key responsibilities include advancing operational processes, developing and maturing security operations center protocols, and driving innovations to address the latest cybersecurity threats for our client's systems.

To perform this job successfully, an individual must be able to perform each essential job function satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability.

Essential Job Functions (include but are not limited to the following)

• Lead, perform, and manage the Security Operations Center (SOC) and its daily technical and operational activities.
• Act as the point of escalation for SOC matters and provide guidance and mentoring.
• Identify monitoring and detection gaps and work with the SOC to expand log collection, detection, and analytic capabilities.
• Scale the SOC using automation, technology, and process for service delivery improvement.
• Organize and prioritize various SOC functions based on business requirements.
• Analyze and make recommendations for the improvement and successful growth of the SOC, including KPI adherence and reporting.
• Collaborate and consult with other teams and its members on the overall advancement of SOC services.
• Supervise SOC staff through goal creation and performance evaluations.
• Develop and mentor staff through open communication, training and development opportunities, and coaching.
• Assist with Incident Response and forensic investigations.
• Operate with integrity and accountability.
• Other duties as found necessary.
• Uphold the values of ProCircular and abide by the Company handbook.

Position Requirements

The requirements listed below are representative of the knowledge skills and abilities required. Employees who do not possess the requirements for a job at the time of hire will not be considered for the position. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Required Skills and Experience:

• Strong understanding of security monitoring, detection, and analysis methodologies and technologies including NIDS, EDR, WAF, FIM, network firewall, and SIEM.
• Hands on security analyst experience with data filtering, correlation, triage, and analysis automation techniques.
• Possess a deep understanding of operations, system, and network security.
• Ability to explain complex security issues to engineers, managers, and executives.
• Prior experience in a technical team leadership role.
• Experience with SIEM content creation and reporting.
• Superior IT problem-solving skills.
• Experience working with internal and client ticketing and knowledge base systems for Incident and Problem Tracking, as well as procedures. (i.e. Jira, Confluence, etc.).
• Proficiency in Python or other programming / scripting languages.
• Knowledge of Linux and Windows Operating Systems.
• An understanding of a wide array of server grade applications such as: DBMS, Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory, Identity Management, Patch Management, LDAP, SQL, and others.
• Experience with various SIEM security products such as Splunk, AlienVault, and Elastic.
• Experience with infrastructure components such as proxies, firewalls, IDS/IPS, DLP etc.
• Demonstrated technical knowledge of current network security, network hardware, protocols, and standards required.
• Proven ability to diagnose and troubleshoot technical issues required.
• Proven ability to make decisions and perform complex problem-solving activities under pressure.
• Previous management and project leadership experience required.
• Capable of working effectively independently and in a team environment
• Must be self-motivated, goal and detail oriented
• Flexible and adaptable to changing work environment
• Ability to prioritize multiple tasks and manage time efficiently
• Communicate in a positive manner with clients and escalate any issues and/or messages accordingly
• Must be able to efficiently use Microsoft Word and Excel

Desired Skills and Experience:

• Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
• Strong knowledge of Ansible or Python scripting.
• Prior experience using Git/Github and knowledge of CI/CD.
• Relationships or a professional working background with industries including education, healthcare, government, manufacturing, and financial.
• Public and private sectors; for profit and non-profit industries.

Desired Education and Experience:

• Minimum of 6 years' experience in cybersecurity.
• Minimum of 3 years' experience leading technical teams, including performance management.
• Minimum of 3 years' experience in SOC engineering and architecture.
• Minimum of 2 years' experience performing SOC analyst or similar job duties.
• Security certifications a plus (ex. CISSP, GCFA, GCIA, GCIH, CEH, etc.)

Language Requirements:

The primary language of ProCircular is English. Excellent communication skills are required, defined as the ability to:

• Actively listen for total comprehension
• Ask questions that enhance the understanding of a certain topic
• Relay information and/or instruction in a descriptive and understandable fashion in both written and verbal format

Reasoning Ability Requirements:

High-functioning, reasoning abilities are necessary to meet deadlines, prioritize company and customer needs, and work in a high functioning collaborative team environment.

Physical Requirements:

Occasional lifting up to 40lbs. may be necessary from time to time. Must be able to sit for long periods of time, view a computer monitor, and type frequently/constantly (up to 8 hours a day).

Travel Requirements:

Valid driver's license is required for occasional travel.

Schedule Expectations

Our normal hours of operation are from Monday through Friday, from 8:00 am to 5:00 pm.

Full-Time: Full-Time employees are defined legally as working at least 30 hours per week, however; full time positions at ProCircular require at least 40 hours. This position requires 40 hours worked within a regular workweek. Occasionally, time over 40 hours may be necessary in order to meet the requirements of the position. As long as performance expectations are met, employees may flex his or her schedule, subject to preapproval of one's direct supervisor.

Supervision Requirements

This position has supervisory responsibilities including performance management, review, and improvement.

Performance Expectations

All teammates are evaluated at least annually on their performance based on the essential job functions in this job description, along with ProCircular's Core Values:

It's about people

• People define every part of our business. Growth potential is based on the abilities and personalities of the people involved. Technology solutions are a part of the equation, but it's the people in an organization that define its true security. We work hardest when we're supporting one another. We take care of each other; we take care of our families, and in doing so we take better care of our customers.

Fear is the mind killer

• We don't let fear define the need for our services and we don't present a problem without discussing realistic response or mitigation options. There's more than enough to worry about in life and plenty of people telling us to be afraid. We're solutions people, not fear mongers.

Strong opinions lightly held

• Opinions are important—they coalesce facts, reason, experience, and judgment into actionable points of view. We present our opinions with logic and reason rather than emotions, offering several alternatives to each challenge and the supporting data. The rejection of an idea is not a rejection of the individual or their merit. Everyone has a voice and a chance to speak, regardless of title, station or seniority.

Quality over speed, speed over cost

• Every organization must consciously balance quality, speed, and cost. We will always put the quality of our work first. We make great efforts to move quickly, but never at the expense of quality. While we strive to keep our services affordable, we never choose an inexpensive alternative that will adversely impact quality or speed.

Cool heads, warm hearts

• We keep a cool head and help others do the same, especially in a crisis. We approach adversity with patience, logic, and understanding. Mistakes happen; we don't hide, ignore, condemn, or fear them. Mistakes are opportunities to exemplify honesty, accountability, professionalism, tolerance, and grace. Instead of pointing a finger, we use humor, empathy, and fun when it matters most.

R-E-S-P-E-C-T

• We treat each other how we hope to be treated. We don't yell; we aren't condescending, and we always try to understand the other person's perspective, before reacting to it. We keep it light and we listen. We extend this principle to our customers, and we understand that talking down to them is the easiest way to send them to a competitor.

Tomorrow just happened

• Life is what happens when we're busy making other plans. We work hard on today but we're always thinking about the future. We take extra time to make sure we're learning and looking ahead. No matter what your discipline or area of expertise, you're adding your capabilities to the long-term plan for the organization and its clients.