Sr. Director, Security Operations Center in Washington, DC at Vaco

Date Posted: 8/12/2019


Job Description

Vaco is a private-equity backed solutions company that provides consulting, managed services, staffing, and placement services globally. Established in 2002 by "Big 4" consulting veterans, Vaco now has over 40 offices and has worked with over 9,000 clients. We have over 6,000 consultants and have been named to Inc. magazine's list of fastest-growing private companies for the past 12 years. Vaco offers boutique services with global reach.

The Vaco Cyber Security team's success relies on the trusted relationships built with our clients. We recognize the challenges organizations encounter in improving security, restructuring operations and handling risk while maintaining compliance and keeping costs down. Our information security specialists work closely with organizations to provide the solutions that best match their business and security objectives. As a member of the team, you will have the opportunity to use and expand your skills through client experience and industry training while collaborating with security professionals across industries. Our team provides the full spectrum of security services to clients, including Strategy & Advisory, Identity & Access Management, Cyber Security Operations, Managed Services, and Governance, Risk, and Compliance.

Looking for an exciting career opportunity as a Director of SOC? Instead of being another faceless resume, let Vaco advocate for you! Right now, we are looking to fill a position on our SOC team. With Vaco, you will have an advantage over your competition! Our information security practice maintains strong relationships with clients, connects your experience with the right consulting project, promotes your strengths to the hiring manager, and prepares you for that specific interview.

Our team will provide you with great insight into trends in the market, keeping you up to date on compensation expectations, opportunities to work on exciting, impactful projects, and opportunities for industry training and advancement. If you're experienced and you want to partner with the best, apply today.

-What you'll do on a typical day:

* Work alongside a talented and maturing team conducting cybersecurity analysis, including working with an outsourced Level 1 SOC and an insourced Level 2 SOC function

* Review, analyze, troubleshoot and drive issue resolution using different data feeds, such as SIEMs, threat intelligence feeds, threat detection systems, IDS/IPS, antivirus servers and vulnerability management scanners

* Collaborate with the Forensics, Security Engineering and Threat & Vulnerability Management teams on investigations, and on incident response and forensics capabilities and processes

* Partner with the broader security engineering and operations team to manage SIEM platforms, including design and engineering, and develop process and program documentation as needed

-At a minimum, you'll need:

* Bachelor's degree in Computer Science or a related field, or equivalent work experience

* 4 years of related SOC experience

* Experience in creating process and procedure documentation for a SOC operation

* Experience integrating ServiceNow Security Operations (SecOps) with SOC processes

* Demonstrated experience with data analysis, documentation and reporting

-It'd be great if you also have:

* GCIH, GCIA or other industry-relevant certification(s)

* Knowledge of SIEM technology with experience working with Splunk Enterprise Security

* Familiarity with intrusion detection methodologies and techniques for detecting host- and network-based intrusions; incident response and handling methodologies; computer networking concepts and protocols; industry-standard and organizationally accepted analysis principles and methods; and network security methodologies

* Knowledge of the corporate cybersecurity threat landscape, including cyber threats and vulnerabilities, system and application security threats and vulnerabilities, and the tactics and targets of nation-state actors and APTs

* Familiarity with cloud architecture and security monitoring capabilities for AWS, Azure and O365

* Knowledge of fundamental SOC performance metrics, penetration testing principles, tools and techniques, and network traffic analysis methods