Information Security - Global SOC Manager
Assist in building a world-class security operations team for S&P Global.
Manage the S&P Global 24/7 Security Operations Team.
Manage the scoping, containment, remediation, and reporting of incidents.
Provide guidance on control implementation for post-incident risk reduction.
Support the ongoing development of the SIEM environment and its detection use cases.
Support our Cyber Security Incident Response Team.
Recognize and codify attacker tactics, techniques, and procedures (TTPs) as indicators of compromise (IOCs) that can be applied to current and future investigations.
Conduct host forensics, network and log analysis, and malware triage in support of incident response investigations.
Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
Effectively communicate investigative findings and strategy to stakeholders including technical staff, executive leadership, and legal counsel.
Requirements:
Previous experience in a financial organization.
5 years' experience in security operations as a hands-on technical lead.
3 years' experience as a SOC manager.
Proficiency in Splunk: searching, alerting, dashboard creation, use case creation, and detection logic tuning.
Experience with using common EDR tools to investigate and remediate findings.
Hands-on threat hunting experience.
Proficiency in reviewing logs, determining threat actor TTPs, investigating incidents, and implementing defensive strategies.
Understanding of the cyber incident lifecycle.
Proficiency in investigating malicious behavior in on-premises and cloud environments.
Hands-on experience managing a global 24/7 team.
Experience writing and managing IOCs and signatures in formats such as OpenIOC, YARA, and Snort.
Demonstrated ability to make decisions on remediation and countermeasures for challenging information security threats.
Ability to conduct frequency analysis of host system artifacts and analyze patterns of behavior to identify potentially compromised hosts.
Expertise in analysis of TCP/IP network traffic and communication protocols.
Experience with a scripting language such as Perl or Python in an incident handling environment.
Experience with malware analysis and reverse engineering.
Experience conducting analysis of electronic media, packet captures, log data, and network devices in support of intrusion analysis or enterprise-level information security operations.
Experience with advanced computer exploitation methodologies preferred, including forensic analysis tools such as EnCase or FTK.
Soft Skills:
Attention to detail and ability to recognize and resolve discrepancies.
Strong written and verbal communication skills.
Self-motivated, enthusiastic, and passionate about information security.
Ability to multi-task and prioritize.
S&P Global is an equal opportunity employer committed to making all employment decisions without regard to race/ethnicity, gender, pregnancy, gender identity or expression, color, creed, religion, national origin, age, disability, marital status (including domestic partnerships and civil unions), sexual orientation, military veteran status, unemployment status, or any other basis prohibited by federal, state or local law. Only electronic job submissions will be considered for employment.
If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person.
The "EEO is the Law" poster (http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf) describes discrimination protections under federal law.
EEO-2 Job Category (United States of America): 20 - Professional
EEO Job Group: IFTECH202.2 - Middle Professional Tier II
Job ID: 256752
Posted On:
Richmond, Virginia, United States