Posted:
12/18/2024, 4:00:00 PM
Location(s):
Poughkeepsie, New York, United States ⋅ New York, United States
Experience Level(s):
Senior
Field(s):
IT & Security
Benefits:
Competitive compensation
Medical, Dental, and Vision insurance
401(k) Retirement Savings Plan with substantial company match
Life and Travel Insurance
Tuition Assistance
Wellness Reimbursement Program
Paid Holidays and Vacation
What is a Cybersecurity SOC Team Lead?
We are seeking a diligent and experienced Cybersecurity SOC Team Lead to join our team. In this role, you will be working within a group of highly motivated Information Technology and Cybersecurity professionals committed to keeping Central Hudson safe. The Cybersecurity SOC Team Lead leads a team of SOC Analysts and assists them in their daily operations as they proactively seek out adversaries. The Team Lead is an escalation point for the SOC Analysts and a Liaison with our Cybersecurity Engineers. A Cybersecurity SOC Team Lead must possess various technical skill sets and experience to assure security events are analyzed and managed appropriately from the detection to the remediation phase of an event or incident. The ideal candidate will have a strong understanding of modern security principles, excellent analytical skills, and the ability to communicate effectively with internal stakeholders and vendors alike.
What does a Cybersecurity SOC Team Lead do?
Oversees daily SOC activities, ensuring timely detection and response to security incidents
Continuously reviews and enhances SOC processes, including playbooks, response procedures, and threat hunting practices
Supervises, mentors, and develops the SOC Analysts
Initial escalation and notification point for SOC Analysts
Leads post-incident reviews and ensures lessons learned are documented and applied
Prepares detailed reports on SOC performance and incident trends
Assists Cybersecurity Engineers with tuning false positive and/or true positive non-actionable security events
Represents the Security Operations Center at internal/external meetings
Oversees and leads incident response and investigation activities, ensuring timely resolution
Fosters a collaborative environment for sharing insights and strategies
Provides timely updates on ongoing incidents and emerging threats
Highlights key metrics and performance indicators
Proactively hunts for threats and vulnerabilities within the corporate environment
Generates detailed reports on security incidents, including findings, action taken, and recommendations for future prevention.
Provides regular status updates to management and stakeholders
Works closely with other IT and security teams to ensure comprehensive incident management and response
Monitors news, security sites, and other threat actor activity channels for new/current threats and stays updated on emerging cybersecurity threats and technologies
Promotes and raises awareness by educating others about the importance of cybersecurity
Builds relationships with government and local agencies to promote collaborative information sharing
Supervises employees working in a 24/7 shift environment, including nights, weekends, and holidays and participates as needed
Participates in on-call as needed to respond to security incidents outside of regular working hours
Provides storm/emergency response support
What does it take to be a Cybersecurity SOC Team Lead?
Required:
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science or related field of study and 3 years of experience in cybersecurity. In lieu of a bachelor’s degree, an associate degree in the aforementioned fields and 5 years of cybersecurity operations or related experience or a high school diploma or equivalency degree and 7 years of cybersecurity operations or related experience will be considered
In-depth knowledge of security operations, including SIEM, SOAR, EDR, IDS/IPS, malware analysis, email security, and endpoint protection
Demonstrated ability to develop, tune, and optimize use cases for alerting in a SIEM platform
Proficiency in threat hunting techniques and methodologies to proactively identify and mitigate potential threats
Proven hands-on experience in working collaboratively with an Incident Response team, including the ability to manage and coordinate responses during cybersecurity events and incidents.
Experience in drafting and maintaining SOC operating procedures and playbooks
Experience with data visualization tools to analyze and present security data effectively
Knowledge of common and emerging attack vectors, penetration methods and countermeasures
Familiar with and have worked within Cyber Security Frameworks such as: NIST 800 – 61, Attack Life Cycle, SANS Security Controls, MITRE
Effective communication skills, with the ability to collaborate with diverse teams, and communicate complex concepts clearly and concisely
Must have excellent analytical, multitasking, organizational and decision making skills
Ability to work with limited direct supervision and professionally respond to constructive feedback
Ability to work nights, weekends, holidays during a critical cyber incident or event
Valid driver’s license
Preferred:
SOC leadership or management experience implementing cybersecurity frameworks (MITRE ATT&CK, NIST, CIS), incident response methodologies, and threat intelligence practices.
Familiarity with scripting languages for automation and analysis
Experience in conducting risk assessments, developing risk mitigation strategies and evaluating contractual agreements
Experience in Energy & Utilities or services industry
Relevant certifications such Systems Security Certified Practitioner (SSCP), CompTIA Security+, CompTIA Cybersecurity Analyst (CySA+)
Applications will be accepted until January 2, 2025.
Pay range: $124,600-193,200
Please go to https://www.cenhud.com/employment. Click the “Search Career Opportunities” button. Follow the directions to submit an application and upload your resume for the desired position.
Applications sent via e-mail and US Mail will not be accepted. No phone calls or agencies, please. All replies will be held in strict confidence.
All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, creed, color, ethnicity, arrest or conviction record, religion, sex, sexual orientation, gender identity or expression, national origin, age, disability, citizenship, genetic information, familial status, marital status, pregnancy-related condition, domestic violence victim status, veteran or military status, or any other characteristic protected by federal, state or local laws. Central Hudson Gas & Electric Corporation takes affirmative action in support of its policy to employ and advance in employment individuals who are minorities, women, protected veterans, and individuals with disabilities.
VEVRAA FEDERAL CONTRACTOR
Website: https://regionalhelpwanted.com/
Headquarter Location: Central Valley, New York, United States
Employee Count: 251-500
Year Founded: 1999
IPO Status: Private
Industries: Local ⋅ Online Portals ⋅ Recruiting