Industrial Security Operations Center (ISOC) Manager
ABS Group
Kallithea, Greece
3 days ago

Description

The Industrial Security Operations Center (ISOC) Manager’s primary mission is to lead, improve, and grow ABS Group’s cybersecurity Operational Technology (OT) monitoring and incident response capabilities.

This role leads the daily operations as well as the strategic development of the ISOC.

This position is responsible for ensuring Service Level Agreements (SLAs) are met when responding to digital security incidents globally, providing forensics and threat hunting support, and managing security operations and technology partners.

The manager will also help define the investments and strategies to grow the functions, roles, and value of the ISOC.

The ISOC Manager leads a team that performs real-time event and incident management processes, as well as the evaluation of and response to OT security incidents, following the event management guidelines and policies of the ISOC.

This position requires 7-10 years of cybersecurity incident response experience and preferably OT experience related to critical infrastructure segments.

The candidate should have experience with IT / OT security (e.g., monitoring Supervisory Control and Data Acquisition (SCADA) or Distributed Control Systems (DCS)), partner / provider management, customer service skills, and sales / client account management.

In addition to delivery, execution, and improvements of the ISOC capabilities, the ISOC Manager might be tasked with development and testing of various security practices and controls to meet customer or regulatory cyber security requirements.

Job Duties / Roles

This position is responsible for the execution of OT cyber security services and supporting customers with monitoring for cyber threats, providing routine and periodic reports, and helping to maintain cyber security compliance.

Some of the key responsibilities include managing the event and log monitoring and analysis functions using SIEM technology, identifying and investigating security incidents, supporting OT monitoring tools, providing guidance on the actions required to contain, eradicate, and recover from a threat or incident in the OT environment, and performing these services for multiple clients while maintaining a high degree of professionalism and efficiency to ensure service level agreements and response times are met.

The qualified candidate must have enough knowledge and abilities to:

  • Understand the standard & modern attack techniques on applications, systems, and networks
  • Lead efforts to support the response to digital security incidents through the initial triage phase and provide support to business and IT / OT clients as they work to close identified gaps
  • Manage and lead the ISOC team
  • Build and maintain close working relationships with the SOC providers, cyber threat intelligence team, technology partners and others to bring together a holistic view of incidents
  • Develop processes and procedures to support SLAs and improve incident response times, analysis of incidents, and overall SOC functions
  • Provide network intrusion detection expertise to support timely and effective decision making of when to declare and escalate an incident
  • Provide incident response support, including evidence preservation and forensics
  • Analyze a variety of network and host-based security appliance logs (firewalls, NIDS, HIDS, syslog, EDR, antivirus, etc.) to determine the correct remediation recommendations and escalation paths for each incident
  • Analyze network flow data for anomalies and detect malicious network activity
  • Provide information regarding intrusion events, security incidents, and other threat indications
  • Provide technical analysis and guidance on control systems security trends and industry benchmarking
  • Oversee cyber vulnerability assessments
  • Prepare and conduct technical and executive presentations
  • Create technical reports and progress reports for projects
  • Research and test new security tools / products and make recommendations of tools to be implemented in clients’ OT environments and to be used in the SOC
  • Identify and enhance the capabilities of the team by developing opportunities for automation
  • The candidate is expected to continuously improve as a subject matter expert by participating in educational opportunities, reading professional publications, maintaining personal networks, and presenting to professional organizations.

    Qualifications

  • Have demonstrated experience in computer and network systems, including IT / OT security, cyber-related regulations, MITRE security practices and / or NIST standards
  • Have demonstrated CIRT, CERT, Threat Monitoring, or SOC management experience
  • Have strong analytical and problem-solving skills with the capability to identify solutions to unusual and complex problems
  • Have sound understanding of network, system, and application intrusion techniques on IT / OT infrastructure
  • Have a good understanding of log formats from OS, Databases, Firewalls, Applications
  • Able to interpret vulnerability assessments into actionable items for the client
  • Able to demonstrate proficiency in MITRE ATT&CK Framework or LM Cyber Kill Chain® framework
  • Possess excellent presentation skills, including presentation development, numeracy and analysis skills, and advanced skills in Microsoft Word, Excel, PowerPoint, Visio, and Outlook
  • Possess excellent English oral and written communication skills; demonstrated capability to produce reports suitable for delivery to both technical and non-technical audiences, and strong interpersonal and collaboration skills
  • Have the ability to work productively with little supervision under demanding deadlines
  • Be willing to travel up to 20%, domestic and international
  • Minimum years of Experience

    7-10 years in security operations centers with IT cyber security, OT / ICS cyber security implementation, and OT / ICS compliance experience

    Required / Preferred Education Requirements

    Bachelor’s degree in Engineering, Computer Science, Cybersecurity, or demonstrated equivalent work-related experience

    Required / Preferred Professional Requirements

  • Hands on SOC Threat Monitoring and Cyber Incident Response Team experience, required
  • Management, team lead, or supervisory experience, required
  • Experience in presenting to upper management and executive-level clients, required
  • Proficiency-level professional certification (e.g., GIAC Certified Incident Handler, Certified Ethical Hacker), preferred
  • Managerial-level professional certification (e.g., CISSP, CISA, or GICSP), preferred
  • Demonstrated knowledge of ISO 27001, ISA / IEC 62443 or NIST 800-53, preferred
  • Ability to analyze
  • Experience in offshore and maritime environments, preferred
  • Prior experience writing technical reports and research papers in English, preferred
  • Experience developing and delivering training to clients, preferred
  • ABS Group is committed to the equal employment opportunity of its employees and prohibits discrimination against any employee or qualified applicant on the basis of race, color, creed, religion, national origin, sex, age, disability, marital status, sexual orientation, citizenship status or veteran status, or other non-work-related characteristics that may be protected under the law of the Federal Government or specific state employment laws.

    ABSG Consulting Inc.
