Cleveland, OH, 44101, USA
2 days ago
Cybersecurity Security Operations Center Manager
Job Description

The Cybersecurity Security Operations Center (CSOC) Manager's core function is to provide leadership and oversee the administration of the CSOC, including security engineers and security analysts. The CSOC is responsible for monitoring and alerting on cybersecurity events, ensuring the maintenance of current and future technologies, and continually analyzing threat data to find ways to improve the organization's security posture.

This position requires both the ability to focus tactically on immediate threats identified in alerts and intelligence and the ability to remain strategically focused on initiatives tasked by senior leadership. Candidates must be highly analytical, technically competent, and able to provide focus and calm during incident response scenarios. The ability to lead groups or move initiatives forward is essential. In addition, planning for future team needs requires staying informed of current events in technology platforms and the cybersecurity industry.

RESPONSIBILITIES

Operational Management
- Manage team employees reporting directly to you. Responsibilities include preparing midyear and annual staff evaluations and addressing both opportunities for growth (such as promotions) or improvement (such as employee performance improvement plans) as performances warrant.
- Manage the on-call rotation and time off for the SOC.
- Provide regular training sessions and mentorship opportunities to facilitate knowledge-sharing within the team.
- Hire new staff members or contract outside services to supplement your team's capabilities when needed.
- Responsible for vendor management: existing and future contractual relationships with technology and service providers. This includes working to address support issues, contract renewals / discrepancies, bi-weekly meetings, Quarterly Business Reviews, etc.
- Track tool performance / utilization to measure return on investment and support future evaluation / rationalization needs.
- Responsible for identifying tool / service evaluation opportunities, working closely with the Security Threat Architect.
- Responsible for day-to-day CSOC budget management.
- Lead your team and communicate with management during incident response (IR) to ensure timely notification and containment occur. Responsibilities include communicating, documenting IR progress, and following through with post-mortem reviews.
- Ensure the CSOC meets the regulatory compliance requirements of both internal and external auditors by adherence to policies and procedures. Ensure version control of SOC alerts as well as least privilege access to logs and investigation data.
- Ensure synchronization and collaboration between the CSOC and the Cyber Threat Intelligence team.
- Work with other departments to identify the root causes of security incidents and develop strategies to mitigate these risks.

Strategy & Planning
- Work with employees on Individual Development plans. Interface with management and Human Resources to ensure plans meet business needs and provide measurable advancement steps to employee promotion and realization of career goals.
- Responsible for building and briefing at the monthly Governance Board meetings for existing or future spend as appropriate.
- Responsible for planning and prioritizing annual spend for the CSOC in support of Operational Plan Development and advising upper management on budget forecasting.
- Improve incident response times, reduce false positives and other extraneous alerts, and enhance threat detection capabilities.
- Work with the CSOC and architecture in determining technology and resource requirements.
- Participate in engagement with other service families and departments in addressing CSOC logging and monitoring needs. Engage with the same groups in developing Enterprise logging and monitoring strategies and solutions.
- Stay abreast of business and technological developments to properly prepare CSOC future posture.

Acquisition & Deployment
- Work with upper management to understand budget availability to shape CSOC efforts.
- Supervise team and/or perform compliance assessments to include Proof of Value (PoV) or Proof of Concept (PoC) for new program security tools.
- Provide an accurate technical evaluation of the software application, system, or network, documenting the security posture, capabilities, and vulnerabilities against relevant information assurance policies.

Incidental Functions
- Assist with other projects as required to contribute to efficiency and effectiveness of the organization.
- Travel may be required but should not exceed 10% of work time.
- Work outside the standard office 7.5-hour workday may be required with on-call availability.

Salary Range: $115,000 - $150,000

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/

Skills and Requirements
- Bachelor's degree or at least 12 years of experience in the field of Information Technology or Business.
- Must have 10+ years of IT experience, with at least 8 of those years being in IT security.
- Must have 4+ years of leading and managing a team of direct reports.
- Minimum of 1 year of experience with cyber-security investigations and incident response.
- Minimum of 1 year of experience in process analysis and improvement.
- Must have a background in metrics/reporting.
- Experience identifying and implementing solutions to complex business problems.
- Understanding of various operating systems (z/OS, Windows, UNIX, Linux, AIX, etc.) with an emphasis on vulnerability assessment and hardening.
- Ability to analyze reports by reviewing incident or threat frequency, severity, and duration data.