SOC Manager I

UST

Views: 109

Updated: 07-05-2024

Location: London

Category: Other

Industry: Information Technology Services, Computer Software, Financial Services

Position: Mid-Senior level

Job type: Full-time


Job content

Company

Job Description

UST Global® is a leading provider of platforms, digital innovation, artificial intelligence and end-to-end IT services and solutions for Global 1000 companies. We are transforming corporations through deep domain expertise, knowledge-based ML platforms, as well as profound anthropological efforts to understand the end customer and design products and interactions that create delight. We are deeply committed to developing a comprehensive understanding of our clients’ problems and to developing platforms to address them.

CyberProof is a fully owned subsidiary of UST Global that helps companies increase their cyber resiliency and reduce their cyber risks by providing a Managed Detection and Response service powered by the Cyber Defense Center (CDC) platform, a proprietary incident management system. The service dramatically increases the ability to react, detect and respond to customer cyber-attacks. CyberProof provides 24x7 security operations capability, supported by expert cyber security resources and cutting-edge tools, along with mature operational methodologies to address our customers’ cyber security operations requirements. The advanced CyberProof Defense Centers are Azure Cloud based and located around the globe. Our goal is to provide enhanced detection abilities, faster response, collaborative issue resolution, effective recovery and actionable intelligence delivered through our state-of-the-art Security Orchestration, Automation and Response CDC platform to increase scale and differentiation for our customers.

At the core of what we do is our people. The Security Operations Group of CyberProof consists of a global team of 250+ highly talented people including experienced security operations experts, certified cyber security experts, researchers and analysts, project leaders, consultants, and sales professionals. Individuals and teams in this group work closely with client cyber security teams and customer CISOs, CIOs and/or senior business management on business & cyber security strategies and solutions.

Job Purpose

This individual will operate in a critical role within the CyberProof Use Case Factory to provide detailed Design Specifications and Logic for SIEM rule development.

This position may be based at any global location, but will be required to work closely with client and UST Global/CyberProof stakeholders.

Key Responsibilities
  • Interpret Use Case Requests for Detection Rule requirements, and validate the feasibility of rule implementation in the requested SIEM platform.
  • Identify any gaps in information provided in the Use Case Request, and collaborate with the Customer and the Customer Solutions team to close such information gaps.
  • Translate Use Case requirements into detailed specifications and rule logic for handoff to a coding and development team.
  • Define Log Sources required for rule implementation and collaborate with Log Source Engineer and Customer Solutions team to ensure the required event sources exist within the customer environment.
  • Review Rules from development team and mentor the rule development team.
  • Define Alert generation rules for non-SIEM systems (e.g. EDR, Vulnerability Management, Deception Technology).


Must Have Skills
  • SIEM Security Use Case design experience
  • Technical Skills (SIEM Engineering)
  • Azure Sentinel
  • Azure ADX
  • KQL Queries
  • Assist with fine tuning of existing SIEM rules (if applicable)
  • Adjust filters and update whitelists (where applicable)
  • Provide ‘Watch Period’ support in fine tuning KQL queries, to optimize security alerts for correct behaviour
  • Kusto or SQL knowledge
  • Familiar with security technologies (Firewall, Proxy, Linux, Windows, IDS/IPS)
  • SIEM system deployment
  • XML and JSON
  • Cloud Technologies
  • Management and leadership experience
  • Fluent in English


Desired Skills
  • Knowledge of the Security Frameworks e.g. ISO27000x, NIST etc.
  • Information Security and/or Information Technology industry certification (CISSP, CISA, CISM, GIAC or equivalent) would be desirable but is not essential
  • Organized with a proven ability to prioritize workload, meet deadlines, and utilize time effectively
  • Good interpersonal and communication skills, works effectively as a team player
  • Ability to function effectively in a matrix structure
  • Strong facilitation, negotiation and conflict resolution skills
  • Analytical skills

UST Global/CyberProof offers a diversified and attractive international environment. We will offer an attractive package which will be based on your experience and profile, including a competitive salary, a performance related annual bonus and additional benefits.

Deadline: 21-06-2024
