Security Operations Center (SOC) and Compliance Manager

Posted 2024-10-15

💎 Seniority level: Manager, 7-10 years

📍 Location: United States

🔍 Industry: Cybersecurity

🏢 Company: ICE Consulting

⏳ Experience: 7-10 years

🪄 Skills: AWS, Leadership, Project Management, Cybersecurity, GCP, Azure, Communication Skills, Collaboration

Requirements:
  • Bachelor’s Degree in Information Security, Computer Science, or related field (or equivalent work experience).
  • 7-10 years in cybersecurity, with at least 3-5 years in a SOC leadership role and experience managing compliance programs.
  • Certifications preferred: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), GIAC Certified Incident Handler (GCIH).
  • Deep understanding of SOC operations, including incident detection, response, and remediation.
  • Experience working with security tools such as SIEM, IDS/IPS, firewalls, vulnerability management systems, and endpoint protection platforms.
  • Knowledge of common cybersecurity frameworks such as NIST, ISO 27001, COBIT, and familiarity with laws like GDPR, CCPA, HIPAA.
  • Familiarity with cloud security (AWS, Azure, GCP) and securing hybrid environments.
  • Experience with automation and orchestration tools (e.g., SOAR platforms) is a plus.
  • Proven experience in ensuring compliance with security standards and regulations (e.g., ISO 27001, PCI-DSS, SOC 2, GDPR, HIPAA).
  • Ability to develop, implement, and manage security policies and procedures aligned with regulatory frameworks.
  • Experience with internal and external audits, risk assessments, and regulatory reporting.
  • Strong leadership and management skills, with the ability to mentor and lead a high-performing SOC team.
  • Excellent written and verbal communication skills for interacting with senior leadership and regulatory authorities.
  • Strong organizational and project management skills to handle multiple compliance initiatives simultaneously.
  • Ability to work under pressure and manage security incidents in a fast-paced environment.
  • Analytical and problem-solving skills to assess security risks and recommend solutions.
Responsibilities:
  • Lead and manage a team of SOC analysts and engineers to ensure 24/7 monitoring, detection, and response to security incidents.
  • Oversee the design, implementation, and continuous improvement of security monitoring tools and technologies (e.g., SIEM, IDS/IPS, firewalls, endpoint protection).
  • Ensure timely and accurate triage, investigation, and response to security incidents.
  • Develop, implement, and maintain incident response playbooks, procedures, and escalation processes.
  • Provide leadership during major security incidents, including coordination with internal and external stakeholders.
  • Regularly report on security incidents, trends, and overall SOC performance to senior management.
  • Ensure compliance with regulatory requirements and industry standards such as ISO 27001, GDPR, HIPAA, PCI-DSS, SOC 2, and others as applicable.
  • Develop, implement, and maintain security policies, procedures, and controls to meet compliance requirements.
  • Conduct internal security audits and risk assessments, ensuring alignment with security frameworks and regulatory requirements.
  • Coordinate with legal, HR, and other departments to address compliance and regulatory issues.
  • Manage third-party security assessments, audits, and certifications.
  • Stay up-to-date with evolving regulations, compliance requirements, and security best practices.
  • Act as a liaison between the SOC team and business units to align security operations with organizational goals.
  • Work closely with IT, DevOps, and other departments to ensure security is integrated into the organization’s technology and business processes.
  • Provide training and awareness programs to staff on security policies and compliance.