Full Time Job

Manager, SOC


Warsaw, Poland 02-05-2024
  • Paid
  • Full Time
  • Senior (5-10 years) Experience
Job Description
Paramount is seeking a Security Operations Center Manager to join its Global Information Security Group. This position will be a vital leader of the Threat Response team by monitoring, detecting, responding and remediating threats facing our company with the support of SOC analysts and incident responders globally using a wide variety of tools. As the SOC leader, the candidate will be responsible for shaping and maintaining a more mature and integrated framework for incident response, triaging incidents, security monitoring and supporting security engineering projects to improve Paramount's cybersecurity defense posture with automation, orchestration and analytics.

How we work:
• Our teams own "how" decisions - we are autonomous regarding the architectural choices, technologies, and approach to providing high quality solutions,
• Our Engineers are involved in every stage of SDLC,
• Our divisions are built from various engineers, i.e. Backend, Mobile, DevOps and System Engineers, Product Owners, Scrum Masters, Agile Coaches,
• Our products are exposed to millions of users globally,
• We focus on test automation and code quality – and we do that by automating whatever is possible!
• The majority of business clients are located in the US (east & west coast),
• Every project is run based on Agile principles using Scrum / Kanban.

What will you do:
• Serve as the overall point of contact and 24/7 escalation point for the SOC
• Frequent direct interface with Threat Response team leaders to advise and coordinate operational activities including notable threats, active incidents, and situational awareness
• Responsible for a team of SOC analysts who continuously perform monitoring and triage of collected information and alerts to determine what is actionable
• Aim to achieve operational objectives by monitoring and enforcing operational processes, practices, and standards of the SOC
• Manage escalations for detected anomalous activities, vulnerabilities and threats to Paramount worldwide, aiding the SOC in tuning the alerts to improve efficacy while acting as an incident commander during high severity incidents, if necessary
• Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities
• Planning of shift schedules, staffing needs, performance assessments, training and coaching/mentoring for SOC team members
• Oversee activities of service providers to deliver cost-effective and efficient SOC operations while ensuring fulfilment of SLAs
• Build and maintain documentation/knowledgebase of playbooks, processes, procedures and archival of security incidents
• Develop and maintain objectives, trend analysis, metrics and KPIs supporting the department's strategic direction and continuously improve SOC capabilities
• Advise management on cybersecurity tool selection to satisfy SOC functions and to address security gaps
• Work with vendors, consultants or experts as appropriate for managed services or implementation of new technologies
• Work with department leads to transform the maturity of the SOC to an industry-leading organization
• Availability during off-hours and holidays

We are looking for people who have:
• 5+ years of technical security experience, with 2+ years of experience leading a cyber incident response or security operations team within a large enterprise organization
• Exceptional operational rigor with extensive real-world experience leading and responding to large scale, complex incidents
• Ability to create shift schedules to ensure 24/7 availability and coverage by support personnel during off hours
• Solid grasp of common cyber frameworks and models such as MITRE ATT&CK, D3FEND, Cyber Kill Chain, Diamond Model, Pyramid of Pain, DeTT&CT and modern penetration testing techniques
• Minimum of one of the following certifications: SANS GCIH, GSOC, GSOM, GCIA, GPEN, GMON, GCDA, GDAT or certifications relating to security operations or incident response
• Bachelor's degree in a related field or equivalent experience

Nice to have:
• Experience working in a security operations center, red team or blue team operations and ability to think both like an attacker and defender
• Excellent written and verbal communication skills and the ability to communicate control analysis and recommendations with clarity and professionalism
• Ability to communicate complex and technical issues to diverse audiences, verbally and in writing, in an easily-understood, authoritative, and actionable manner
• Familiarity with the cyber threat landscape including threat actors, tactics, tools and procedures, and effective countermeasures. Additionally, knowledge of common techniques used by malware and threat actors and industry standard lexicon
• Deep technical understanding of SIEM, SOAR, EDR, firewalls, network and email security tools with a variety of enterprise IT and cloud-based architectures and technologies, such as networking, server infrastructure, operating systems, web applications, databases, containerization and mobile
• Knowledge of digital cybersecurity and data privacy laws
• Be a self-starter, able to work independently and quickly adjust to changing priorities
• Strong verbal and written communication skills with ability to analyze, summarize, and communicate large volumes of information in a clear and succinct manner with careful attention to detail

We offer:
• Employment contract,
• Hybrid/Remote (home office if applicable),
• Multisport card + private medical care,
• Access to e-learning and self-development platforms and office library,
• English and Polish language lessons,
• We participate in and speak at conferences, and also join/run public meet-ups (e.g. Google IO, WWDC, Confitura),
• In-house activities: tech talks, hackathons,
• You can use 10% of your working time to pursue your personal development, and side projects,
• Active global inclusion and CSR groups,
• Well located, modern office with lots of amenities – adjustable desks, electronics toolkit, 3D printer ready for you to use, pool table, console, table tennis, massage chair.

Paramount is an equal opportunity employer (EOE) including disability/vet.

Jobcode: Reference SBJ-g3qzm4-44-200-77-92-42 in your application.