Cyber Operations Manager - XSOAR

Description :

Key Responsibilities :

• Manage and perform day-to-day security monitoring and incident response activities for 24x7 operations, using a thorough understanding of cybersecurity. Use XSOAR skills to enhance workflows, automate processes, and improve efficiency. Identify opportunities for improvement and utilize XSOAR to optimize security operations.
• Response activities may include incident response, incident management, driving remediation or threat mitigation, threat hunting, and forensic analysis. Utilize XSOAR to streamline and automate these processes, enhancing security operations` effectiveness. Develop automated playbooks in XSOAR for vulnerability identification and remediation to ensure comprehensive security monitoring coverage.
• Serve as a service owner and subject matter expert for XSOAR to enhance delivery and integration. Stay current on information security controls, practices, techniques, and capabilities, focusing on XSOAR advancements. Facilitate skill development for security personnel on monitoring and incident response by mentoring and conducting sessions on using XSOAR for automation and improving efficiency.
• Lead efforts to build and maintain effective relationships with multiple internal technology groups, ensuring strategic alignment across teams. Promote collaboration and standardization among these federated technology groups, focusing on shared interests and priorities. Serve as a key subject matter expert for XSOAR, guiding others to achieve organizational goals and objectives.
• Leverage intelligence to lead and manage threat and vulnerability monitoring, respond appropriately, and develop risk mitigation strategies. Continuously incorporate learnings into preventive and detective controls. Define security configurations for monitoring tools alerts, correlation rules, and reporting - using vendor products, services, open-source, and custom utilities.
• Implement automation and orchestration to improve efficiency and effectiveness of security monitoring and response processes. Document processes and procedures in the form of playbooks and reference guides.
• Integrate processes and technologies, with the objective of a "single pane of glass" for monitoring and comprehensive security response process.
• Provide input into business cases and presentations to leadership of proposed security products and studies. Produce operating metrics and key performance indicators.
• May oversee work product(s) and lead entire small to medium size projects, managing deadlines, expectations, and often contributing to staffing decisions and supervising the work performed by more junior staff; provide coaching, mentoring and feedback to such individuals and may also serve as a formal performance manager of a team of junior employees.

Required Qualifications :

Preferred Qualifications :

(ref : hirist.tech)