Manager, Cyber Defense Operations Center

Job Summary

The Manager, Cyber Defense Operations Center (CDOC) is responsible for leading a team of CDOC Analysts and managing LAC's relationship with its Managed Security Service Provider (MSSP) and the CrowdStrike Falcon Complete Analysts. This position manages all aspects of running an efficient  team, including hiring, supervising, coaching, training, disciplining, and motivating direct-reports.

The CDOC Manager directs the daily functions, processes, and operations of the CDOC, ensuring policies and procedures are followed and performance expectations are met. The position will oversee the CDOC team providing real-time, continuous Cybersecurity monitoring and triage, incident analysis, and coordination and response. The CDOC Manager will act as an escalation point for technical escalations, working closely with customers and internal teams when needed to ensure the highest level of customer satisfaction.

Duties

Manages staff , including, but not limited to: monitoring of day to day activities of staff, monitoring of staff performance, mentoring, training, and cross-training of staff, handling of questions or issues, etc. raised by staff, encourage staff to provide recommendations for relevant process and systems enhancements, among others.

Oversees security alerts and leads the team in identifying and responding to security threats.

Manages complex projects, engaging and updating key stakeholders, developing timelines, leads others to complete deliverables on time and ensures implementation upon approval.  

Creates, reviews, and approves new procedural documentation. Conducts product evaluations of security technologies. Defines, implements, and improves system monitoring, policies, and procedures.

Develops and maintains procedures and workflows for CDOC management, including escalation and notification procedures.

Creates and documents standard operating procedures (SOP’s).  Instills and reinforces industry best practices.

Develops and maintains metrics to measure the effectiveness of the CDOC.  Reports metrics and trends to the Director of the Cyber Defense Operations Center and CISO.

Manages and provides technical guidance and consultation related to information security issues.

Reviews and approves information system changes.

Drives continuous improvement, partnering with internal IT team members to implement and improve new tools, capabilities, frameworks, and methodologies.

Acts as the technical expert in multiple domains to coordinate CDOC  efforts during incident and breach responses. Collaborates with other Information Security (InfoSec)  and Information Technology (I.T.) teams to ensure that relevant organization-wide data is processed by the CDOC.
 

Duties Continued

Coordinates the InfoSec on-call schedule and escalation procedures.

Develops goals, objectives and actions plans for assigned staff which includes full management responsibility for the hiring, performance reviews, salary reviews and disciplinary matters for direct reporting employees.

Performs other duties as assigned.

Education Required

Education Preferred

Experience

Required:
At least  7 years of experience leading comparable information security or technology teams with at least  4 -5 years of management/ supervisory experience.

Operational experience configuring and managing a Security Information and Event Management (SIEM) platform.

Operational experience monitoring cloud computing (eg, AWS, Azure, etc.) and SaaS environments.

Experience with leading the response to crises, incidents, and investigations.

Operational experience managing in a regulated environment (eg, classified networks, healthcare, finance, banking, etc.).

Preferred:
Experience with Vulnerability Management toolsets.

Skills

Required:
Strong understanding of networking and communication protocols (such as TCP/IP, UDP, SSL/TLS, IPSEC, HTTP/S, etc.).

Exceptional operational rigor with extensive real-world experience in SOC methodologies and frameworks for I.T. operations (eg, Information Technology Infrastructure Library (ITIL), National Institute of Standards and Technology (NIST), etc.).

Demonstrated ability to manage complex projects in an effective manner

Must possess a strong service mindset

Ability to provide threat and vulnerability analysis security advisory services

Excellent verbal, written communication and presentation skills.

Licenses/Certifications Required

Licenses/Certifications Preferred

Required Training

Physical Requirements

Additional Information