Security Operations Center Manager

This is a Full Time Job

Security Operations Center (SOC) Manager

Overview and Responsibilities

Paramount is seeking a US Based Security Operations Center (SOC) Manager to join its Global Information Security Group. This position will be a vital leader of the Threat Response team by monitoring, detecting, responding and remediating threats facing our company with the support of SOC analysts and incident responders globally using a wide variety of tools. As the SOC leader, the candidate will be responsible for shaping and maintaining a more mature and integrated framework for incident response, triaging incidents, security monitoring and supporting security engineering projects to improve Paramount’s cybersecurity defense posture with automation, orchestration and analytics.

• Serve as the overall point of contact and 24/7 escalation point for the SOC.
• Frequently collaborate with Threat Response team leaders to advise and coordinate operational activities including notable threats, active incidents, and situational awareness.
• Responsible for SOC analysts who continuously perform monitoring and triage of collected information and alerts to determine what is actionable.
• Aim to achieve operational objectives by monitoring and implementing operational processes, practices, and standards of the SOC.
• Handle concerns for detected anomalous activities, vulnerabilities and threats to Paramount worldwide, aiding the SOC in tuning the alerts to improve efficacy while acting as an incident commander during high severity incidents, if necessary.
• Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
• Planning of shift schedules, staffing needs, performance assessments, training and coaching/mentoring for SOC team.
• Build and maintain documentation/knowledgebase of playbooks, processes, procedures and archival of security incidents.
• Develop and maintain objectives, trend analysis, metrics and KPIs supporting the department’s strategic direction and continuously improve SOC capabilities.
• Advise management on cybersecurity tool selection to satisfy SOC functions and to address security gaps.
• Work with vendors, consultants or experts as appropriate for managed services or implementation of new technologies.
• Work with department leads to transform the SOC to an industry-leading organization.
• Availability during off-hours and holidays.

Basic Qualifications

• 5 years of technical security experience, with 2 years of experience leading a cyber incident response or security operations team within a large enterprise organization.
• Deep technical understanding of SIEM, SOAR, EDR, firewalls, network and email security tools with a variety of enterprise IT and cloud-based architectures and technologies, such as networking, server infrastructure, operating systems, web applications, databases, containerization and mobile.

Additional Qualifications

• Strong leadership and interpersonal skills with executive management.
• Excellent operational rigor with extensive real-world experience leading and responding to large scale, complex incidents.
• Ability to create shift schedules to ensure 24/7 availability and coverage by support personnel during off hours.
• Solid grasp of common cyber frameworks and models such as the MITRE ATT&CK, D3FEND, Cyber Kill Chain, Diamond Model, Pyramid of Pain, DeTT&CT and modern penetration testing techniques.
• Minimum of one of the following certifications: CISSP, SANS GCIH, GSOC, GSOM, GCIA, GPEN, GMON, GCDA, GDAT or certifications relating to security operations or incident response.
• Good understanding of incident response processes, workflows, communications and reporting, issues and cross-department collaboration.
• Strong organizational skills and able to handle multiple high visibility issues simultaneously.
• Ability to communicate