Head of SOC

This vacancy is already closed, but you can still apply if you are interested in a similar position, and we will contact you soon.

Client and project description

ISA Cybersecurity Inc. is one of the leading cybersecurity-focused companies in Canada. It has over 28 years of history helping customers solve complex challenges in building and maintaining protection against bad actors targeting IT infrastructure and people in cyberspace.

About SPsoft

We turn our engineers into half product managers, half tech problem solvers who know and do what’s best for the client’s business, not just code what the client says.

Forget the "galleys", box-type thinking and the small perks offered to keep you satisfied. With SPsoft, you have a chance to mature for real, not just tech-wise. Help us build the company and together we will rescue and grow our clients.

If you can’t find the meaning in what you’re doing, don’t know where you’re going in the long run, feel like you do not evolve or like nobody cares about you, or think you’re wasting your time — come and win the competition for this job! Team up with us and our clients to make the world a better and more convenient place to live! Start making a difference!

DUTIES AND RESPONSIBILITIES

  • Monitoring and troubleshooting SIEM infrastructure components with regard to system performance, capacity, and security baselines
  • Implementing changes to the SIEM infrastructure
  • Detecting and responding to security incidents and alerts generated by the SIEM
  • Leading the MSSP process on the security team
  • Consulting on security monitoring measures
  • Reporting to the SOC Director / Manager in a timely manner
  • Analyzing processes and controls related to the administration of technical components, including logical access, change management, and data management

REQUIRED SKILLS AND EXPERIENCE

  • Strong understanding of Information Technology Service Management: HelpDesk, end-point management, and server management
  • Strong understanding of Security Operations Concepts: perimeter defense, BYOD management, data loss protection, insider threat, kill chain analysis, risk assessment, and security metrics
  • Strong understanding of Cybersecurity Investigation Techniques: big data analytics, relational event aggregation, event correlation
  • Strong understanding of Cyber Intelligence Techniques: threat intelligence feeds, indicators of compromise, data enrichment, statistical weighting, confidence ratings
  • Strong understanding of Adversary Motivations: cybercrime, cyber hacktivism, cyberwar, cyber espionage, and the difference between cyber propaganda and cyber terrorism
  • Good knowledge of operating systems: Linux/Unix, Windows (technical skills such as administration and scripting)
  • Good understanding of SANS Top 20 Critical Security Controls and OWASP Top 10
  • Good understanding of security solutions including SIEMs, Web Proxies, Anti-Virus, Firewalls, VPN, authentication, encryption, IPS/IDS, configuration management, and DLP as well as working experience with large enterprises
  • Understanding of ITIL processes
  • Understanding of ISO 27001 & 27002
  • Understanding of PCI DSS
  • Working knowledge of SIEM solutions such as McAfee ESM (preferred) / Splunk / ArcSight / Graylog
  • Analytical skills: capable of analyzing complex problems and situations with the purpose of bringing improvements and efficiencies
  • Good communication skills
  • Good influencing/persuasion skills
  • Client-focused work approach
  • Team player
  • Upper-Intermediate level of English

As a Plus:

  • Experience in penetration testing and vulnerability management
  • All McAfee products
  • Professional certification in CISSP, CISA, GCIA, GCIH, CEH, CompTIA Security+ or equivalent

Ready to discuss the job in detail? Send your CV or contact us here