Security Operations Center Lead

The Incident Manager should be capable of managing and coordinating response and recovery actions for information security incidents and function-related business processes. This includes full end-to-end management of security incidents, including analysis, containment, and eradication, as well as collaboration with appropriate teams and service partners, as well as providing them with business insight into the status, impact, and necessary actions concerning such incidents.

You will...

• Be in charge of establishing and growing HiveMQ's Security Operations Center (SOC).
• Be responsible for developing Incident Management processes and protocols.
• Ensure all effective integration of HiveMQ assets with monitoring solutions, developing triggers, monitoring events, and identifying incidents. 
• Responsible for continuous improvement of the Incident Response Lifecycle and the overall maturity of the Security Operations Center (SOC).
• Be the primary point of contact for many cyber security situations, lead the discussion and serve as the primary moderator.
• Perform Cyber Kill Chain and MITRE ATT&CK analysis on incoming security alerts.
• Update the status of incidents on a regular basis.
• Engage in all parts of the event management process, from identification to remediation and follow-up operations.
• Drive events to completion within the time range specified for the incident's criticality level.
• In the event of an investigation, be in charge of HiveMQ's DIFR.
• Monitor and examine security alerts on a regular basis to discover harmful activities.
• Regular tabletop exercises and Blue/Purple team tests should be conducted for the team to keep them up to date and prepared in the event of an incident.
• All post-incident elements should be identified, collected, documented, and addressed.
• Being on call and operating outside usual business hours when needed

You have...

• A Bachelor's or a Masters degree in computer science or information technology or similar experience is required.
• Relevant industry-recognized security certifications such as GCIH, GCFE, GCFA, GCTI, GOSI, and ECIH will be an added advantage.
• Experience creating and upgrading HiveMQ Threat Intelligence
• At least 1 year or more of expertise in information security activities
• 4+ years of expertise managing and mitigating security events as part of a Cyber Incident Response unit in significant corporate contexts
• Knowledge of risk management and control frameworks, the cyber kill chain, and the SANS Incident Handling lifecycle
• Expertise in network security, cryptography, virtualisation, and cloud security, as well as a strong understanding of enterprise-level information systems and technological architectures.
• Proficiency in cyber threat and crisis management
• Experience working with various organisational stakeholders, from technical to management level.
• Necessary skills to manage several conflicting priorities in a fast-paced environment to complete high-priority activities
• Strong track record of performance management to meet demanding KPIs and continuous improvement programs.