The Security Operations Center Manager will plan, direct & control the functions & operations of the Domo Security Operations Center (SOC).
The goals & objectives of the SOC are to monitor & analyze security events of interest to protect client information & Domo information assets.
The SOC Manager will develop & maintain processes & procedures associated with security monitoring & response use cases to address & respond to potential security incidents & promote timely escalation & incident coordination among Domo stakeholders.
The SOC Manager will lead efforts in monitoring data sources & security events to identify potential threats or attempts to compromise security controls.
- Direct the team, functions, processes, & operations of the SOC.
- Lead the development, documentation, & implementation of policies & procedures associated with security monitoring efforts.
- Lead the operations of the SOC.
- Identify & communicate key performance indicators to help stakeholders understand the SOC roles & responsibilities & the effectiveness of the SOC program.
- Implement & monitor key SOC performance indicators, identify opportunities to improve team performance, & make adjustments to operations processes as necessary.
- Oversee the monitoring, identification, escalation, & resolution of security incidents.
- Manage outsourced & in-house SOC relationships & services for quality performance & fulfillment of Service Level Agreements (SLA).
- Communicate threats that may impact Domo's risk profile to Senior Management.
- Establish performance goals & priorities.
- Develop, mentor & counsel staff.
- BS degree, or a related field.
- 7+ years of experience in the Cyber Security field.
- Prior SOC Management experience preferred.
- Prior Security Engineering experience.
- CISSP Certification or similar preferred.
- Ability to serve as a member of an Incident Response Team & respond to emergency calls during non-business hours, as needed.
- Possess the ability to react quickly, decisively, & deliberately.
- Excellent verbal & written communication skills.
- Experience performing analysis utilizing SIEM technologies.
- Experience performing analysis utilizing IDS/AV/Firewall consoles.
- Experience with cloud computing & AWS and/or Azure services.
- Strong understanding of networking & associated protocols.
- Development skills including scripting (e.g., Python, shell scripting), web coding and/or database backend.