Full Time Job

Manager, Security Operations Center

Paramount

New York, NY 02-01-2023
 
  • Paid
  • Full Time
  • Senior (5-10 years) Experience
Job Description
Manager, Security Operations Center (SOC)

Overview & Responsibilities

Paramount is seeking a Security Operations Center (SOC) Manager to join its Global Information Security Group. This position will be a vital leader of the Threat Response team, monitoring, detecting, responding to and remediating threats facing our company with the support of SOC analysts and incident responders globally, using a wide variety of tools. As the SOC leader, the candidate will be responsible for crafting and maintaining a more mature and coordinated framework for incident response, prioritising incidents, security monitoring and supporting security engineering projects to improve Paramount's cybersecurity defense posture with automation, orchestration and analytics!

Role Details:
• Serve as the overall point of contact and 24/7 critical issue point for the SOC
• Frequently collaborate directly with Threat Response team leaders to advise and coordinate operational activities including notable threats, active incidents, and situational awareness
• Responsible for a team of SOC analysts who continuously perform monitoring and triage of collected information and alerts to resolve if practical
• Aim to achieve operational objectives by monitoring and implementing operational processes, practices, and standards of the SOC
• Handle user problems for detected anomalous activities, vulnerabilities and threats to Paramount worldwide, aiding the SOC in tuning the alerts to improve efficacy while acting as an incident commander during high severity incidents, if necessary
• Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities
• Planning of shift schedules, staffing needs, performance assessments, training and coaching/mentoring for SOC colleagues
• Oversee activities of service providers to deliver cost-effective and efficient SOC operations while ensuring fulfilment of SLAs
• Build and maintain documentation/knowledgebase of playbooks, processes, procedures and archival of security incidents
• Develop and maintain objectives, trend analysis, metrics and KPIs supporting the department's strategic direction and continuously improve SOC capabilities
• Advise management on cybersecurity tool selection to satisfy SOC functions and to address security gaps
• Work with vendors, consultants or guides as appropriate for handled services or implementation of new technologies
• Work with department leads to transform the maturity of the SOC to an industry-leading organization
• Availability during off-hours and holidays

Basic Qualifications:
• Bachelor's degree in a related field or equivalent experience
• Minimum of one of the following certifications: SANS GCIH, GSOC, GSOM, GCIA, GPEN, GMON, GCDA, GDAT or certifications relating to security operations or incident response
• Experience leading a global security operations center with responsibilities in detection and analysis of cyber security threats

Additional Qualifications:
• 5+ years of technical security experience, with 2+ years of experience leading a cyber incident response or security operations team within a large enterprise organization
• Notable operational rigor with extensive real-world experience leading and responding to large scale, complex incidents
• Ability to create shift schedules to ensure 24/7 availability and coverage by support personnel during off hours
• Solid grasp of common cyber frameworks and models such as the MITRE ATT&CK, D3FEND, Cyber Kill Chain, Diamond Model, Pyramid of Pain, DeTT&CT and modern penetration testing techniques
• Solid understanding of incident response processes, workflows, communications and reporting, analytical issues and cross-department collaboration
• Experience working in a security operations center, red team or blue team operations and ability to think both like an attacker and defender
• Strong leadership and communication skills with executive management
• Excellent organizational skills with ability to handle multiple high visibility issues simultaneously
• Familiarity with the cyber threat landscape including threat actors, tactics, tools and procedures, and effective countermeasures. Additionally, knowledge of common techniques used by malware and threat actors and industry standard lexicon
• Deep technical understanding of SIEM, SOAR, EDR, firewalls, network and email security tools with a variety of enterprise IT and cloud-based architectures and technologies, such as networking, server infrastructure, operating systems, web applications, databases, containerization and mobile
• Knowledge of digital cybersecurity and data privacy laws
• Be a self-starter, able to work independently and quickly adjust to changing priorities
• Strong verbal and written communication skills with ability to analyze, summarize, and communicate large volumes of information in a clear and succinct manner with careful attention to detail
• Some travel may be required for major events or incidents.

#L1-remote

ADDITIONAL INFORMATION

Hiring Salary Range: $135,000.00 - 165,000.00.

The hiring salary range for this position applies to New York City, California, Colorado, Washington state, and most other geographies. Starting pay for the successful applicant depends on a variety of job-related factors, including but not limited to geographic location, market demands, experience, training, and education. The benefits available for this position include medical, dental, vision, 401(k) plan, life insurance coverage, disability benefits, tuition assistance program and PTO or, if applicable, as otherwise dictated by the appropriate Collective Bargaining Agreement. This position is bonus eligible.

https://www.paramount.com/careers/benefits

Paramount is an equal opportunity employer (EOE) including disability/vet.

Jobcode: Reference SBJ-rb35ko-18-191-21-86-42 in your application.