Security Operations Team Lead
- Job Title: Security Operations Team Lead
- Job ID: 984349
- Location: Southfield, MI 48075

Description
Conexess is looking for a Security Operations Center Team Lead. This position is located in Southfield, MI and will report to the Chief Information Security Officer. Please note that this position may be contract-to-hire.
The Security Operations Center Team Lead will be responsible for:
- Monitoring and responding to security events that could impact the confidentiality, availability, and integrity of our clients' systems and data.
- Improving, maintaining and evaluating new security tools and processes that enable detection of security events in the organization.
- Performing and managing Cyber and Internal Security Investigations.
Responsibilities
- Develops and improves the processes, procedures, and metrics of the security operations function in a consistent and repeatable fashion.
- This hands-on role requires the SOC Manager to watch alerts, respond to events and incidents, update tools and documentation, and demonstrate tasks to team members.
- Coordinates lessons-learned, post-mortem and threat modeling events to continuously improve the team’s identification and response to security events.
- Maintains incident response plans and documentation on current and closed incidents.
- Performs internal investigations.
- Coordinates with business and technology teams to resolve events and incidents in the environment.
- Administers information security controls and software such as endpoint protection, intrusion detection/prevention, security incident and event management, data loss prevention, physical security, and behavior analytics systems.
- Responds to, investigates, and analyzes security events and determines the appropriate action to be taken.
- Analyzes security system logs, security tools, and available data sources on a regular basis to identify attacks against the enterprise; reports on irregularities, improper access patterns, trends, and event correlations; and makes suggestions for detection rules and system tuning.
- Gathers information from IT and non-IT staff regarding security problems affecting networks, servers, endpoints, and applications.
- Performs incident response activities and ensures that proper protective or corrective measures have been taken when an incident has been discovered.
- Performs other duties as assigned.
Qualifications
- SANS GCIA or GCIH (preferred)
- CISSP (preferred)
- Proven project management and organizational skills, specifically in managing multiple concurrent projects.
- Hands-on experience with Security Incident and Event Management tools.
- Hands-on experience with Endpoint Security tools.
- System Administration and Security Hardening experience.
- Incident Response, Forensics, and Malware Analysis experience.
- Bachelor’s degree in Information Technology or a related field (work experience and background may be considered in lieu of education).