IT Security Operations Center Manager in Miami, FL at Lennar Homes

Date Posted: 1/4/2022

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    Miami, FL
  • Job Type:
  • Experience:
    At least 7 year(s)
  • Date Posted:
    1/4/2022
  • Job ID:
    2021-21467

Job Description

Overview

The Security Operations Center (SOC) Manager is a critical member of the Enterprise Security Office (ESO). This position will function as the interface between the Director of Security Operations strategic and process-based activities and the work of the analysts within the SOC. The SOC Manager must be able to translate the IT risk requirements and constraints of the business into technical control requirements and specifications, as well as develop metrics for ongoing performance measurement and reporting. This position will coordinate the technical operation activities to implement and manage the security operations center infrastructure, and to provide regular status and service-level reports to both the Director of Security Operations and IT management.

The SOC Manager is a leadership role that requires an individual with a strong technical security background, as well as an ability to work with the IT organization, and business management to align priorities and plans with key business objectives. The SOC Manager will represent the SOC requirements during IT planning initiatives to ensure that security measures are incorporated into strategic plans and that service expectations are clearly defined.

Expertise in leading security project teams and developing and managing projects is essential for success in this role. In addition to supporting the Director of Security Operations policies and strategies, this role must be able to prioritize work efforts — balancing operational tasks with longer-term strategic security efforts.

This position is responsible for managing a highly technical security staff as they work to accomplish company and personal development goals and must, therefore, have proven leadership skills. Documentation and presentation skills, analytical and critical thinking skills, and the ability to identify needs and take initiative are key requirements of this position.

This position holds responsibility for the Security Monitoring & Visibility Program, the Threat and Vulnerability Program, and the Incident Response Process.

Responsibilities

  • Lead and manage the SOC, including associated managed service providers.
  • Manage, administer, and maintain the security information and event management (SIEM) solution along with its reporting and analytics.
  • Manage the onboarding of all security-relevant data into the security information and event management (SIEM) solution.
  • Manage, administer, and maintain the Threat & Vulnerability Management Program along with the artifacts discovered.
  • Manage the process of gathering, analyzing and assessing the current and future threat landscape, as well as creating actionable analytics derived from this analysis.
  • Develop and maintain the Security Monitoring and Visibility, Threat & Vulnerability Management, and Incident Response policies, procedures, and standards as well as all other supporting materials.
  • Lead the creation, implementation, and maintenance of the enterprise security operations procedures, processes, and playbooks.
  • Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance.
  • Manage department's budget and manage team of analysts and subject matter specialists to ensure continued success and growth.
  • Manage Security Operations projects, including process improvement and technology investments.
  • Define and maintain the roadmap of program and technology changes driven by the Security Operations department.
  • Manage a staff of SOC analysts. Hire and train new staff, conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members.
  • Work closely with both the Security Engineering & Architecture (SEA) Team and the Governance, Risk, and Compliance (GRC) Team.
  • Manage security production issues and incidents, and participate in problem and change management forums.
  • Work with the Director of Security Operations and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security operations center program.
  • Manage the creation and maintenance of security alerts, reports, dashboards, and metrics for the SOC and their presentation to the Director of Security Operations and business stakeholders.
  • Assist in the research, evaluation, design, test, recommendation, and implementation of new or updated SOC hardware or software.
  • Manage outsourced vendors that provide SOC functions for compliance with contracted service-level agreements.
  • Manage and coordinate operational components of incident management, including detection, response, and reporting.
  • Maintain a threat intelligence knowledgebase comprising security advisories and alerts, current and emerging threats, as well as strategic and tactical recommendations on detecting, mitigating, and remediating these threats.
  • Advise the Director of Security Operations and business stakeholders of significant emerging threats.
  • Manage the day-to-day activities of threat and vulnerability management, recommend treatment plans and communicate information about residual risk.
  • Ensure audit trails, system logs, and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements.
  • Ensure execution of the incident response process where applicable and that it is maintained until the resolution of the incident.
  • Assist subsidiaries in carrying out their own respective incident response and threat and vulnerability management processes if they do not abide by the ESO’s respective programs.
  • Organize, participate in, and, if required, chair post-incident reviews for presentation to senior management.

Qualifications

Education and Experience Requirements:

  • 7 or more years of progressive work experience, of which 5+ years are in Information Security and 3+ years are in event and/or incident response in a cyber operations environment; experience may be concurrent.
  • A bachelor's degree in information systems or equivalent work experience is required; an M.B.A. or M.S. in Information Security is preferred.
  • A CISSP or CISM certification is highly desired.
  • Holding any of the following certifications is a plus: GCIH, CCNA, C|EH, CISA, SANS GCIH, GMON.
  • A strong understanding of the MITRE ATT&CK Framework is highly desired.
  • Solution-specific certifications preferred (Securonix, Nexpose Rapid7, Palo Alto Networks (Firewalls, URL Filtering), Proofpoint, Cylance).
  • Basic to advanced reverse engineering with deep understanding of IOCs and preventive and detective technical controls.

Physical Requirements:

This is primarily a sedentary office position which requires the incumbent to have the ability to operate computer equipment, speak, hear, bend, stoop, reach, lift, and move and carry up to 25 lbs. Finger dexterity is necessary.


Additional Requirements:

  • Strong background in SIEM, TVM, and APT solutions (preferred: Securonix, Nexpose, Cylance).
  • Adept at conducting research into project-related issues and products; strong analytical skills.
  • Strong technical understanding of network, system, data, and application security.
  • Strong understanding of operating system internals and network protocols.
  • Experience in system technology security testing (vulnerability scanning and penetration testing).
  • Strong knowledge of security operations concepts, threat and vulnerability management processes and Security Operations Centers (SOC).
  • Extensive security operations, incident response, incident detection, malware detection, and threat response experience.
  • Strong leadership skills and the ability to work effectively with business managers and IT teams (Architecture, Network, Server, Desktop, and Service Desk).
  • A strong understanding of the business impact of security tools, technologies and policies.
  • Strong leadership abilities, with the capability to develop and guide information security team members and operations personnel, and work with minimal supervision.
  • Experience at working as a leader and collaborator in a team-oriented environment is essential.
  • Can conform to shifting priorities, demands and timelines through analytical and problem-solving capabilities.
  • Reacts to project adjustments and alterations promptly and efficiently.
  • Flexible during times of change.
  • Ability to read communication styles of team members who come from a broad spectrum of disciplines.
  • Persuasive, encouraging, and motivating.
  • Ability to elicit cooperation from a wide variety of sources, including upper management, clients, and other departments.
  • Ability to defuse tension among project team, should it arise.
  • Ability to bring project to successful completion through organizational dynamics.
  • Strong written and oral communication skills.
  • Strong interpersonal and operational skill sets.
  • Strong customer service skills and focus required.
  • Ability to effectively prioritize and execute tasks in a high-pressure environment is crucial.
  • Tenacious, driven, energetic, and a high degree of professional integrity.


This description outlines the basic responsibilities and requirements for the position noted. This is not a comprehensive listing of all job duties of the Associates. Duties, responsibilities and activities may change at any time with or without notice.


Type

Regular Full-Time
