
Cyber Security SOC Lead

UNCOMN | Posted 12-01-2021

St. Louis (Computer and Programming)

UNCOMN is an award-winning firm, one of the country’s fastest-growing and—more importantly—a consistent ‘Top Workplace’ as evaluated by our own employees. We are a values-driven organization (see the Core Values section of our web site) looking for new Uncommon Geniuses to join our growing team. If you are an engineer, architect, analyst, hacker, and/or geek who likes to solve problems, fix things, build things, tweak things, or otherwise show creative flair, you might just be an "UNCOMN Genius."

Our mission is to empower systems thinkers to create elegant solutions to complex problems – to improve the systems that improve our communities. Our team members apply their natural curiosity and grit to discover elegant solutions for our clients’ most complex organizational, logistics, process, data, and technical challenges, with the overall goal of building great businesses that contribute to great communities.

Check out our Glassdoor employer reviews, and the specifics of this position, below:
UNCOMN is seeking a Cyber Security SOC Lead to:
  • Manage the daily operations and effectiveness of the Security Operation Center (SOC), including:
1. Coordinate staffing availability to support 24/7 coverage
2. Manage the coordination of the technology resource needs for the team
3. Staff training and tool development coordination support
4. Provide daily and real-time updates as appropriate to the customer
  • Drive standardization across all customer communication, deliverables, and metrics
  • Develop a strategy for maturity growth of junior SOC analysts
  • Meet regularly with internal stakeholders and partners to communicate customers' needs
  • Establish protocols, processes, and standard operating procedures for SOC service delivery
  • Support strategic plans and projects driving and supporting overall SOC maturity goals both internally and customer-focused
  • Oversee the technical delivery, operation, and maintenance of the SOC customer solution
  • Manage, monitor, and enhance security infrastructure, tools, tactics, and techniques used for supporting customers' needs
  • Identify and prioritize automation efforts for appropriate repeatable processes
  • Develop, monitor, and measure the Key Performance Indicators (KPIs) used to determine overall SOC effectiveness and opportunities for improvement
  • Lead incident response efforts, including:
1. Coordinating incident response activities with the customer's internal SOC resources
2. Communicating updates to UNCOMN's executive management
  • Perform typical senior-level SOC analyst duties to augment the SOC service delivery capabilities.
  • Support 24/7 security monitoring coverage.
Desired Qualifications/Experience (preferred, but not required):
Technical Competency
  • 5+ years of hands-on experience analyzing and supporting information security operations and response efforts.
  • Perform system log analysis of a variety of sources to identify indicators of attack/compromise, including:
1. Host-based system logs
2. Network traffic logs
3. Firewall logs
4. Intrusion detection system logs
  • Proficient in Security Technologies: SIEM (Splunk), Endpoint Detection and Response (EDR), and Network and Email protections.
  • In-depth knowledge of attack vectors, security exploits, and effective countermeasure techniques.
  • Perform event correlation using information gathered from various sources within the customer's infrastructure to determine information exposure from an identified security event.
  • Monitor and analyze data flow information to identify and isolate malicious behavior.
  • Configuration and maintenance experience with SIEM, Firewall, and security monitoring technologies.
  • Strong understanding of all levels of the OSI model.
  • Knowledge of common security threats and vulnerabilities, including but not limited to:
1. Buffer overflow attacks
2. Cross-site scripting
3. SQL injection
4. Replay attacks
5. Malicious code attacks
6. DDoS attacks
  • Recognize indicators of attack/compromise for remote code execution
  • Familiar with and experienced in the NIST Framework.
  • Experience working in a corporate SOC environment.
  • Security certifications preferred (e.g. Sec+, Net+, CySA+, CEH, GISF, GSEC, GCED, GCIA).
  • Strong process-oriented skills.
  • Server administration or system administration experience a plus.
  • Experience working on large-scale IT projects a plus.
  • Experience with systems architecture and data integration.
  • Experience managing customer account support.
  • Experience working with cross-organization technical project teams.
  • Experience leading a SOC team a plus.
Occupational Soft Skills
  • Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
  • Ability to interact with individuals at all levels and across all business units and organizations and comprehend business imperatives.
  • Strong leadership abilities, with the capability to develop an information security team, guide team members and work with minimal supervision.
  • Strong written and verbal communication skills.
  • A strong customer/client focus, with the ability to appropriately manage expectations to provide a superior customer/client experience while building long-term relationships.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, or national origin.