Title: Security Analyst - Hybrid
Location: Dover, DE, United States
Length: Long term
Restriction: W2 or C2C
Very long-term contract. Projects with this customer usually run 4+ years. 37.5 hours per week. Hybrid.
This position is responsible for leading the DTI Security Operations Center. The primary focus of this position is to lead a team that monitors for electronic and cyber threats against the State of Delaware computing environment and initiates responses to combat attacks. The position will drive confidentiality, integrity and availability of the infrastructure and the processes required for delivering applications and services throughout the state, including those managed and operated by third parties. Principal responsibilities include overall management of a world-class Security Operations Team, focused on protection of customer data and network traffic. The position is responsible for developing, administering, and overseeing the information security systems, tools, policies, and procedures required to protect critical assets. The candidate will improve the State's overall security posture and strengthen our overall security capabilities. The selected individual will have high expectations of accomplishment and solid industry knowledge, ambition, talent, and people skills. The SOC Manager must have enough technical knowledge, skills, and abilities to develop and oversee the processes involved in delivering statewide Continuous Monitoring, Vulnerability Management, and Incident Response services.
Lead and Manage the State of Delaware Security Operations Center (SOC) team
Drive the team's precision and speed of triage, and efficiency in response.
Accountable for operational performance, including real-time SLA management, development of data-driven business metrics, escalation, and communication.
Drive key business KPIs and be accountable for operational SLA performance.
Deliver business insights and drive improvements into the products, process, and technology.
Transform the business to scale with the growth in the SOC team.
Drive prioritization of significant security events across the operations center and incident response team.
Guide and/or manage technical response during critical incidents.
Design and establish playbooks and standard operating procedures for incident response activities.
Validate and ensure the effective configuration and management of statewide security controls.
Hunt for suspicious activity based on anomalous activity and indicators of compromise from various intelligence feeds and toolsets.
Perform and lead computer and network forensic analysis.
Possess a bachelor's degree in Information Security, IT, or a related field, or equivalent years of experience.
Possess industry certification(s) from an accredited information security organization.
Possess a minimum 5 years of experience leading a Security Operations Center (SOC) team.
Possess a minimum of 5 years of experience working in a Security Operations Center in an enterprise environment.
Possess a minimum of 3 years in a senior technical security role or in a personnel management role that includes planning, assigning, reviewing, and evaluating the work of others.
Experience with security monitoring controls, methodology, and event remediation/resolution.
Possess in-depth knowledge of Information Security, SIEM management, Incident Response, risk mitigation, and infrastructure protection tools and processes.
Solid understanding of log and monitoring management systems, security event monitoring systems, threat intelligence, network-based and host-based intrusion detection systems, and firewall technologies.
Experience designing and creating playbooks and standard operating procedures for threat detection and response activities.
Experience with an industry-leading Endpoint Detection and Response (EDR) solution, including leveraging EDR solutions for threat hunting and incident containment.
Excellent verbal and written communication skills.
Demonstrated experience managing and ensuring the timely response, triage, and investigation of security events and incidents.
Demonstrated ability to build a strong culture of collaboration, teamwork, and innovation within a team.
Experience with automation and SOAR solutions highly preferred.