Security Operations Lead

We are a digitally native company where innovation, design and engineering meet scale. We use the latest technologies in the digital and cognitive field to empower organizations in every aspect. We want you to join us to work for the biggest clients in tech, retail, travel, banking, ecommerce and media, revolutionizing and growing their core businesses while helping them (and you!) stay ahead of the curve. Be part of a company with the most cutting-edge practices and technologies plus a unique team. WHAT ARE WE LOOKING FOR? If you are a Security Operations Lead we want to meet you! YOU'LL GET THE CHANCE TO:

• Perform day to day management of the team members and contractors' staff
• Coordinate event/incident response with security operations staff
• Work with the technology staff to perform event handling and incident response
• Perform advanced analysis of tier 1 and tier 2 monitoring and alerting conclusions alongside Information Security senior staff
• Create additional training and documentation for the SOC operations
• Assist in the development and performance of quality control checks for SOC operations
• Work with the InfoSec staff to address adhoc taskings as they arise
• Interact with other stakeholders in the Technology team for troubleshooting and issue remediation. This interaction could include other members of InfoSec, the networking team, systems administrators, technology support partners, etc.

• Experience in working with Splunk ES Use cases both generic (coarse- grained) or very specific (fine-grained), Lead Security Operations team in developing complex queries, correlations, alerts, reports, and dashboards within the Splunk platform to build Metrics (KPIs, KRIs, etc.).
• Ensure that SIEM solution Engineers perform continuous tuning of threat detection capabilities to drive higher efficacy in alert output.
• Management and expansion of the CIS top 20 controls, Cyber kill chain and MITRE ATT&CK frameworks mapping to identify gaps and threat detection needs.