Key Responsibilities:

Leadership and Team Management:

Lead and manage the Internal Red Team and SOC Operations teams, ensuring effective collaboration and alignment with organizational security objectives.

Provide mentorship and guidance to team members, fostering a culture of continuous learning and professional development.

Conduct regular performance reviews and provide ongoing feedback and coaching.

Red Team Operations:

Plan, execute, and oversee red team exercises to identify and exploit vulnerabilities in systems, networks, and applications.

Develop and maintain red team methodologies, tools, and documentation.

Work closely with other security teams to remediate identified vulnerabilities and improve security defenses.

SOC Operations Management:

Oversee the daily operations of the SOC, ensuring efficient and effective monitoring, detection, and response to security incidents.

Develop and maintain SOC processes, procedures, and documentation to ensure consistent and high-quality operations.

Ensure the SOC is staffed 24/7, including managing schedules, shifts, and on-call rotations.

Incident Response and Management:

Coordinate and lead the response to major security incidents, including investigation, containment, eradication, and recovery.

Develop and maintain an incident response plan and ensure the team is well-trained and prepared to handle incidents.

Conduct post-incident reviews and develop lessons learned to improve future response efforts.

Threat Intelligence and Analysis:

Oversee the collection, analysis, and dissemination of threat intelligence to inform security operations and red team activities.

Ensure the SOC team utilizes advanced threat detection tools and techniques to identify and mitigate threats.

Collaborate with other teams to enhance threat intelligence capabilities and integrate with existing processes.

Security Monitoring and Reporting:

Ensure continuous monitoring of network traffic, system logs, and security alerts using SIEM (Security Information and Event Management) solutions.

Develop and maintain metrics and dashboards to report on SOC and red team performance and security posture.

Present regular reports and briefings to senior management on the state of security operations and key incidents.

Policy and Compliance:

Develop and enforce security policies, procedures, and standards in alignment with industry best practices and regulatory requirements.

Ensure compliance with relevant regulations, such as GDPR, and PCI-DSS.

Participate in security audits and assessments, and coordinate with external auditors as needed.

Qualifications:

Bachelors degree in Computer Science, Information Security, or a related field. Equivalent work experience may be considered.

Minimum of 7 years of experience in cybersecurity, with at least 3 years in a management or leadership role overseeing red team and/or SOC operations.

Strong understanding of offensive security practices, including penetration testing and red teaming methodologies.

Experience with SOC operations, including incident response, threat detection, and SIEM tools such as Splunk, ArcSight, or QRadar.

Knowledge of common attack vectors and techniques, such as phishing, malware, and ransomware.

Familiarity with regulatory requirements and frameworks, such as NIST, ISO 27001, and GDPR.

Relevant certifications, such as CISSP, CISM, OSCP, CEH, or GIAC, are highly desirable.

Excellent leadership, communication, and interpersonal skills.

Ability to work effectively under pressure and manage multiple priorities.

Role: Technical Operations (Tech Ops)

Industry Type: IT Services & Consulting

Department: Customer Success, Service & Operations

Employment Type: Full Time, Permanent

Role Category: Operations Support

Education

UG: Any Graduate

PG: Any Postgraduate