Information Security SOC Manager

The SOC Manager role is part of the GSO Bangalore Security Practice. The Manager in this role will oversee and coordinate the activities of SOC personnel and implement security assessment and incident response protocols. Candidates will coach personnel on technical issues and verify that they follow SOC policies to ensure all components are functioning optimally. Must establish and maintain metrics that help provide a high level of productivity, supportability, and operational readiness while also participating in project planning activities such as infrastructure enhancements and change management controls. Must have a proven track record in leading information security teams and technologies.

The SOC Manager will oversee employees a trustworthy environment to conduct business at Informatica and be accountable for building and maintaining our security posture. Management of the Information Security team is ultimately responsible for earning and maintaining customers trust at Informatica and enabling the business to take smart risks.

ESSENTIAL DUTIES & RESPONSIBILITIES

Provide first line supervision to direct reports

·        Develop and administer SOC processes and review their application to ensure that SOC’s controls, policies, and procedures are operating effectively

·        Provide management oversight for the identification, triage and response of events or incidents of apparent security breaches

·        Manager 3^rd party vendors/suppliers of SOC personnel and supplies

·        Produce and review aggregated performance metrics

·        Manage and increase the effectiveness and efficiency of the SOC, through improvements to each function as well as coordination and communication between support and business functions

·        Play a significant role in long-term SOC strategy and planning, including initiatives geared toward operational excellence

KNOWLEDGE & REQUIREMENTS

·        5+ years of strong leadership experience as a SOC Manager within a managed security services environment supporting F500 customers with the ability to grow, mentor, and up-skill security analysts.

·        Mastery of security engineering and network threat investigation concepts with hands-on experience.

·        In depth understanding of TCP/IP, endpoint processes, and packet analysis.

·        Experience with conducting memory forensics or pen testing.

·        CISSP, CISM and SANS knowledge (SANS GIAC certification such as GCIA, GCIH, GSEC, GCFA or OCSP certification) would be an advantage.

·        In depth understanding of cyber security trends and application to SOCs.

·        Ability to excel in a fast-paced environment and work under pressure.

·        A skilled collaborator and complex problem solver with experience managing relationships through internal and external escalations with experience presenting to leadership groups.

·        A strong understanding of the current threat landscape with the ability to explain lateral movement and post exploitation detection techniques.

·        Ability to analyze customer threat trends and threat posture and provide

security advice.

·        Technical ability to function as incident response escalation when needed

·        Experience with reporting to measure Security Analysts and overall ASOC

performance.

·        A can-do attitude with a relentless focus on our customers.

·        Ability to translate security concerns into business context and articulate to executives, while weighing business needs against security concerns in the decision making process

·        Measured the impact that process or tools changes have on service delivery.

·        Ability to identify and measure key work drivers to drive down service delivery costs.

·        Experience in conquering the challenge of making systems and processes easier to use yet more secure, embedding security into the fabric of the organization

·        Ability to create scalable security solutions in a fast-paced production environment

·        Track record of collaborating with other technical teams to create solutions greater than the sum of its parts

EDUCATION & EXPERIENCE REQUIREMENTS

·        Bachelor’s degree in Computer Science or Engineering field

·         3-5 years experience in a combination of Information Security, IT Engineering, IT Architecture, Application Operations, or DevOps capacity

·        Strong experience with scripting, programming, regular expressions, and API-level integration of tools

·        Practical experience with security @ scale across multiple cloud environments: AWS, Azure, and VMWare

·        Prior exposure/experience with SIEM & vulnerability management capabilities

·        Experience configuring and maintaining WAF rules, host-based firewalls, and log management

·        Experience with threat modeling and risk analysis

·        Regulatory compliance experience in HIPAA, SOC2, ISO27k environment preferred

WORKING CONDITIONS

·        Regular business hours, Monday – Friday.  If additional hours are required, please list here:

·        This role participates in an incident response support capacity and may require infrequent work on nights, weekends, and holidays.

·        Travel Requirements: Domestic and/or International, up to     10%