Monitoring & Response Technical Lead/Sr Cyber Security Analyst (Vice President)
Job Level: Vice President
Location: Tralee, IE
Employment Type: Full Time
Requisition ID: 2683
As a Cyber Monitoring & Response Team Lead, you will be a key part of a high performing SOC team, with a desire to continually improve and advance our capabilities to protect SMBC Group. You will bring your passion for Cybersecurity to a team of like-minded professionals and leverage this passion to ensure our monitoring and response capabilities are effective and efficient and that we keep pace with a rapidly changing threat landscape.
You will relish your core role in supporting the monitoring and response of cyber security alerts and incidents by digging into and investigating them to find the root cause and identifying the gap in controls that allowed a threat to reach that point in the kill chain. If you identify an incident, you will lead that technical analysis, tracking down the actions of that threat actor as part of the incident response, while supported by the wider Incident response process and members of the SOC and CSIRT teams. If you identify a false positive, you will drive the effort to tune or refine our detections, or to drive improvements to our preventative controls to prevent a recurrence, freeing more time for the SOC to focus on improving our skills and capabilities. With your knowledge and expertise, you will develop and hone the SOC through mentoring and ownership of projects to develop the technical capabilities of the SOC.
As part of a wider team of SOC analysts, you are able to focus on an area you are passionate about, or if sufficiently experienced, take the lead. You will develop deep expertise and expand our capabilities in domains ranging from across Purple Teaming, Threat hunting, Digital Forensics and Incident Response (DFIR), Security Automation, Detection Engineering and Threat Intelligence and share this knowledge to develop the depth of knowledge of the SOC. If there is a gap in our toolset, you can help us identify and bridge that gap by acting as Subject Matter Expert to do so. You will bring fresh ideas, challenge the status quo, and seek always to answer - how can we improve?
Role Objectives
1. Act as technical lead in the development and enhancement of capabilities such as Cyber Monitoring & Response/Purple Teaming/Threat Hunting/Digital Forensics/Incident Response.
2. Lead the analysis of security alerts or technical response to security events and incidents.
3. Mentor and guide more junior SOC personnel sharing your knowledge and expertise.
4. Develop and improve monitoring & response playbooks.
5. Conduct proactive threat hunting and DFIR activities.
6. Develop deep expertise in our monitoring systems and technology to act as an SME in working with our detection engineering and automation teams to enhance our abilities to prevent, detect & respond.
7. Identify and test new adversary TTPs and our ability to detect and respond to them.
8. Identify opportunities for efficiency, work hand in hand with Security Automation team to automate and improve our response processes.
9. Assist in the implementation and ongoing support of security systems, acting as an SME for SOC related projects.
10. Execute tasks or support projects to enhance team’s capabilities.
11. Assist in defining SOC requirements for information technology projects.
12. Act as a role model and set the standard for technical analysis within the SOC.
13. Providing strong mentorship and guidance to more junior SOC team members by acting and leading by example. Bring a positive outlook and seek to motivate and inspire your fellow team members.
Role Objectives: Expertise
• Demonstrate comprehensive understanding of cyber security best practices, risk vectors, mitigation techniques and protection software. Display knowledge of network security concepts and tools such as firewalls, proxy servers, email security and suspicious traffic flows. Exhibit analytical ability to lead incident response and mitigation efforts as well as identify key areas for improvement from post-incident analysis. Show ability to convey cyber security policies and concepts to employees and lead training efforts to ensure all employees follow recommended best practices relating to cyber security.
• Strong understanding of MITRE ATT&CK Cyber Kill Chain and similar frameworks.
• Strong knowledge of security controls related to the detection, analysis, and response (SIEM, EDR, NDR, XDR, UEBA).
• Strong knowledge of Windows and Linux systems, Active Directory, Cloud technologies.
Qualifications and Skills
1. 5+ years of experience in cyber security experience required, ideally in a SOC, DFIR, or CSIRT role.
2. Strong verbal and written communication skills with experience in documenting their work to a high level.
3. Professional Certifications an advantage but not essential if have requisite role knowledge, GCIH, GNFA, GFCA, Certified Ethical Hacker (CEH), OSCP, CISSP or similar certifications a plus.
4. Must be self-directed with the ability to work independently.
5. Ability to multi-task and remain productive in a service-driven and results oriented environment.
6. Demonstrated strong organizational, analytical, and problem-solving skills.
Additional Requirements
SMBC’s employees participate in a hybrid workforce model that provides employees with an opportunity to work from home, as well as, from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process.
We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law. SMBC provides reasonable accommodations for employees and applicants with disabilities consistent with applicable law. If you need a reasonable accommodation during the application process, please let us know at accommodations@smbcgroup.com.
#J-18808-Ljbffr