CareerFinders, on behalf of our client, an expanding Investment Firm, is seeking to recruit a SOC Manager (Security Operations Centre) to join their team based in Limassol. The successful candidate will lead the detection and investigation of security events at the organization, ensuring that all cybersecurity attacks are detected, investigated and mitigated in a timely manner.
Build and manage an effective SOC team in our Cyprus office to function with the newly formed SOC team.
SOC monitoring and alert response.
Dedicated incident response.
Key member of, and active participant in, the Global Security Operations Committee.
Participation in Cyber Security strategy.
Red team testing, pen testing, internal & external infrastructure testing.
Ensure cyber incidents are investigated and mitigated using AI tools already implemented.
Patch management and vulnerability management using automated tools.
Define and maintain incident handling procedures to ensure incidents are adequately identified, investigated, and mitigated. Ensure that lessons-learned reviews are conducted to avoid recurrence of security incidents and that relevant incidents are documented for internal and senior stakeholder consumption.
Design, implement and measure processes to ensure the Security Operations Center runs at optimal efficiency.
Identify key use cases for threats against the group and implement incident response mechanisms to identify and address them.
Manage the evaluation and selection of the correct tools to monitor, detect and respond to threats to the organization.
Ensure security tools are operationalized and integrated into the Security Operations Center monitoring, detection and response processes.
Create a team structure and approach to work to ensure that incidents are appropriately triaged, worked on and followed up on by the Security Operations Center's various tiers.
Maintain an up-to-date view of the threat landscape facing the Equiti Group, derived from Security Operations Center activities, so that the Cybersecurity strategy can be adapted to address the identified threats.
Report to Cybersecurity leadership on Security Operations Center effectiveness and required improvements to the team/tools/processes through objective facts and data analysis.
Own the Cybersecurity incident response. Maintain and improve the Security Operations Center program. Review and correct identified weaknesses of the program to ensure continued alignment with business expectations for Information Security Incident management.
Manage a team of security analysts to support incident management objectives, including recruitment, performance management and employee development amongst other people management functions.
Liaise with law enforcement agencies during incident investigations to ensure the company assets are safeguarded.
4+ years working within the information security field, with emphasis on security operations, incident management, intrusion detection, firewall deployment, and security event analysis.
At least three years of experience managing a Security Operations Center.
Good knowledge of the technical foundations behind networking, operating systems and applications: Linux, Windows, Web technologies, Cloud solutions (AWS, Azure, GCP), TCP/IP and other networking protocols; traffic and packet analysis.
Experience with SIM, log correlation and other security monitoring tools.
Experience in creation of log correlation and intrusion detection rules.
Experience in the following areas: Forensic analysis, Vulnerability management, Risk management.
GIAC Certified Incident Handler (GCIH) or similar qualification.
Previous experience in penetration testing, offensive tools and frameworks.
Regulatory and industry standards work: ISO 27001, PCI DSS, GDPR, etc.
Experience in security tool development.
Other relevant professional qualifications will be considered, although not a requirement, e.g. CISA, CISM, CISSP, GIAC, etc.
In-depth understanding of Information Security processes and theory.
Attention to detail and outstanding problem-solving skills.
Autonomous and self-organized.
The position requires a manager-doer with hands-on experience in security incident management.
Ability to lead and communicate efficiently within a team environment.