MAD Security is looking for a Security Operations Center (SOC) Manager responsible for leading a team of security analysts in Huntsville, Alabama.  The SOC Manager will provide leadership, coordination, technical oversight, and operational management of the security operations team.  In this position, you will play a critical role at MAD Security and lead security personnel, developing strategy, setting goals, and providing performance and professional development feedback.  You will lead the security operations team to continually improve the SOC operational mission to safeguard our client’s business by simplifying the cyber security challenge for them.

The SOC Manager position requires strong technical knowledge and experience with security monitoring tools and incident management situations. In addition to strong technical expertise, a combination of excellent communication and people management skills is required. A successful candidate will be able to coordinate team members in evaluating security incidents or high-risk situations within an environment to provide clear, concise recommendations and feedback to leadership.

Essential Duties and Responsibilities

• Manage the daily operations and effectiveness of the SOC.
• Oversee the success of clients subscribing to security monitoring services, including onboarding, ongoing monitoring, and improvements.
• Act as a trusted advisor and partner to client organizations regarding security risks; work collaboratively with impacted parties to assess business drivers and provide recommendations.
• Manage and enhance the tools, tactics, and techniques used within with the SOC. Lead in the assessment, architecture and implementation of these security technologies.
• Develop staff of varying skill levels on both cybersecurity competencies/expertise and personal development. Guide in their continued growth and success as individuals and as a team.
• Participate in the development and tracking of key performance indicators (KPIs) related to SOC operations, to benchmark and further enhance capabilities.
• Participate in internal assessments and tabletop exercises, and other activities that contribute to operational readiness.
• Benchmark and implement industry best practices to detect and mitigate potential threats.
• Ensure platforms and processes are in compliance with all corporate and regulatory standards and requirements.
• Collaborate with leadership team in developing technical direction, as well as assessing reasonable objectives and timelines.
• Lead the SOC team in a fast-paced environment, while exercising composure, professionalism and teamwork during incidents. Support and oversee incident response activities as the most senior escalation point on the SOC team. Exercise discretion and confidentiality on a need-to-know basis when performing investigations.
• Perform special projects and other duties as assigned.

Experience and Education

• Minimum ten (10) years of experience in IT Security or Information Technology.
• Three (3) years in a management role leading a technical team.
• Experience working in a Security Operations Center in an enterprise or managed services provider environment.
• Bachelor's degree in Information Technology, Information Security/Assurance, Computer Science, Engineering or similar area of study; at least 5 years related experience and/or training; or equivalent combination of education and experience preferred. Master's degree a plus.
• Achieved one or more relevant security certifications (CISSP, GCIA, GCIH, GMON, GSEC, ITIL, CISM, etc.).
• Experience with Fortinet and AT&T AlienVault Technologies is a plus

Skills and Capabilities

• Strong leadership, problem solving and critical thinking skills.  Ability to prioritize and execute autonomously.
• Ability to communicate effectively with all levels of staff, management, and clients both orally and in writing.
• Ability to collaborate across the organization and operate effectively with multiple teams and solutions towards a shared goal.
• Strong understanding of latest security principles and protocols.
• Strong understanding of security operations technologies including SIEM and orchestration.
• Ability to tune correlation rules and outcomes via security information and event management (SIEM) and security orchestration, automation, and response (SOAR) platforms.
• Demonstratable working knowledge of emerging technologies and tactics used within a SOC, and how they are applied to improve efficiency and effectiveness.
• Understanding of tactics, techniques and procedures associated with cyber threats and the ability to develop relevant alerting, countermeasures, and threat hunting techniques.