Back
SOC Lead
Are you looking for your next career move, project opportunity?
Explore your career possibilities with FTS. At FTS, we take ownership of our semiconductor customer’s projects, contract and managed services needs and provide them with the brightest talents that are on top of their game and can make a direct impact on our customer’s business.
What is the project about, what will the selected candidate will be doing, and what is the outcome our customer expects?
The selected candidate will be joining the cyber security testing team as the Incident Detection (SOC) Lead. In this role you will be leading security operations by responding to escalated alerts and monitoring alerts.
This position leads an operational team to conduct in-depth analysis of security events with the specific ability to identify Indicators of Compromise, perform intrusion scope and root cause analyses and implement triaging protocols to mitigate potential damage to our cyber ecosystem
What is required to be successful in this position:
- Directs technical members in conducting Event Detection, Incident Triage, Incident. Handling, Hunting activities by leveraging our detection/response platforms
- Continuously monitors levels of service as well as interpret and prioritize threats through use of cyber threat intelligence, intrusion detection systems, firewalls and other boundary protection devices, and any security incident management products deployed
- Work with Security and IT operations teams to develop and implement remediation plans in response to incidents
- Provides input into security architecture requirements, tool deployment and implementation
- Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough review and analyses of relevant event detail and summary information
- Provide comprehensive briefings at various levels of operations and management regarding ongoing security incidents
- Ensure the proper and timely handling of all incidents regarding all aspects of security for the facility
- Lead operation team to provide 24x7 incident detection and monitoring service, and performance report on regular basis
- Enhance and provide training to operation members
- Integration of additional supported log source/device and development of new use cases as required
- Manage communication with our affiliates in case of security incident.
- Work with our affiliates to remediate non-compliance with technical and security requirements.
- Assist affiliates and group to improve cybersecurity maturity and strengthen cybersecurity posture.
What qualifications are we looking for?
- 8+ years cyber security experience required
- 5+ years of experience in incident response handling and staff leadership.
- 2+yrs of experience as a lead
- Must have a strong understanding of concepts and technology across all IT areas to be able to spot gaps and develop appropriate controls
- Demonstrated analytical, problem-solving, and critical thinking skills required
- Working knowledge of security technologies such as Active Directory, anti-malware tools, forensics tools, firewalls, identity access management, IDS / IPS, multi-factor authentication, network devices, SIEM, threat intelligence, vulnerability scanners, monitoring tools, and web filters on premise and in cloud environments required
- Ability to work with little supervision and consistently deliver results required
- Familiarity with network technologies and protocols (switches, routers, firewalls, remote connection technologies, and multiple domain environments) strongly
Preferred qualifications would include:
- Experience with Splunk and other SIEM platforms, Enterprise Intrusion Prevention Systems, Endpoint Detection tools, and other security products
- Experience conducting incident handling and response efforts in large enterprise environments
- Experience supporting incident investigations
- Experience working in a 24/7 SOC environment
- Security certifications (e.g. Security+, Network+, CEH, SANS etc.)
USA
4 + Years
Full-Time
