Senior Manager - Security Operations
CYBR at Providence is responsible for appropriately protecting all information relating to its caregivers and affiliates, as well as its confidential business information (including information relating to its caregivers, affiliates, and patients).
What will you be responsible for?
- Lead the creation and maintenance of SOC playbooks, SOPs and training materials; manage shifts, onboarding, and training for engineers.
- Manage the 24x7 Security Operations Centre (SOC). Ensure adequate staffing, seamless delivery of the monitoring service and timely response to incidents.
- Lead and manage the global security operations team, providing guidance, mentorship, and support to ensure the team's success.
- Participate in and lead the creation of detailed incident reports, and contribute to lessons learned in collaboration with the appropriate teams.
- Develop and implement operational processes and standards for security incident response and operational security tasks for the PSJH system.
- Be a thought leader in security operations delivery, driving automation, analytics, and advanced threat analysis.
- Serve as a member of the extended leadership team, providing expertise and input for decisions relating to security threat and risk management.
- Maintain forward-looking, strategic partnerships with key technology and service vendors, ensuring innovative strategies are incorporated into future roadmaps.
- Drive accountable areas for results. Take ownership of the environment, teams, operations, initiatives, and projects within areas of accountability, sometimes in ambiguous circumstances.
- Provide responsive leadership to delegate, coordinate, and motivate staff; evaluate performance for direct reports and for contractors and other people's direct reports; work with individuals and HR to improve performance as needed.
What would your work week look like?
- Collaborate with the other security teams to contain and investigate major incidents.
- Communicate and summarize the status of operations and projects, and progress toward major initiatives, to leadership as well as to direct and indirect reports.
- Track emerging cyber threats and drive proactive threat modelling and threat validation.
- Provide leadership during security events; act as an escalation contact to support investigations as required.
- Hire, train, and develop staff to ensure the team has both the technical and organizational skills to effectively maintain operations and support, as measured by established service levels.
- Strive for process improvement and automation; help the development and operations teams build automation for repeatable activities.
- Help the team manage incident response, including detection, analysis, containment, and resolution of security incidents.
Who are we looking for?
- Bachelor's degree in a related field, including computer science, or an equivalent combination of education and experience.
- 12+ years of relevant post-qualification experience, with at least six (6) years in a leadership role in a Security Operations Center (SOC) environment.
- Hands-on experience with, or exposure to, SIEM tools; Sentinel preferred.
- Experience with a SOAR (Security Orchestration, Automation and Response) platform (Demisto preferred) and Endpoint Detection and Response (CrowdStrike preferred).
- Knowledge of advanced cyber threats, adversary methodologies, and cyber threat intelligence.
- Experience with security monitoring in cloud environments (Azure, Google Cloud, etc.), or relevant knowledge of cloud environments.
- Preferred certifications: SSCP, EC-Council CSA, CompTIA CySA+, SANS GCIH/GMON/GSOC, CISM or CISSP.
- Technical leadership skills in security operations, threat intelligence and event analysis, incident response, email analysis, threat hunting, EDR, etc.