SOC Technical Team Leader (new center in Bucharest)

We are the leading technology recruitment and selection consultancy in Romania, working on highly specialized technologies for permanent and interim positions. Since our inception in 2001 as the first specialized IT recruitment agency in Romania we supported over 400 national and global clients in acquiring strategic IT talent for their business.

We are deeply passionate about technology and highly responsible about our work. We understand the pressure of the business and the fact that you need fast and quality results. Therefore we always go for the extra mile to deliver the best IT&C talent for your business, no matter how challenging the project may seem.

Founded in 1851, our client represents an American mutual life insurance company serving five million clients.

In this role, you will demonstrate accountability, agility, a dedication to be inclusive, a strong business acumen, and will show courage, even in the most difficult situations. We also highly value strong communication skills, a passion for learning, leadership traits, resilience and self-awareness.

What success looks like.
• Running off-shore based operations for a 24x7x365 Security Operations Center (SOC)
• Establishing standard and repeatable processes that can be leveraged by both the Romanian shift Tier 1 and Tier 2 analysts as well as within the international shifts
• Ensuring all security events identified via the Security Information & Event Management (SIEM) tool and events reported directly to the SOC are promptly validated and thoroughly investigated

Requirements

• Bachelor’s degree in Computer Science, Computer Engineering, Business Information Systems, Information Technology or Mathematics
• Deep knowledge of cybersecurity attack and defense techniques
• 5+ years of experience in Cybersecurity or related field
• 3+ years working in or managing a Security Operations Center
• Ability to handle high pressure situations with key stakeholders
• Strong written and verbal communication skills
• Strong analytical and problem solving skills
• Experience and confidence with communicating with and presenting to senior leadership
• Preferred:
o Certifications: CISSP, CISM, CISA, GCIH, GIAC
o Knowledge of and practical experience with the MITRE ATT&CK framework
o Experience working in Financial Services or another regulated industry

• Provide oversight and guidance to Tier 1 and 2 Analysts in the Security Operations Center (SOC) US shifts to monitor, detect, analyze, remediate, and report on cybersecurity events and incidents
• Provide local oversight of other EIRM resources as part of a fusion center model, ensuring threat intel, engineering and platforms support resources on location are all working collaboratively together.
• Partner with other SOC Technical Team Leaders to ensure appropriate hand off between shifts
• Develop and maintain playbooks for standard and repeatable processes
• Responsible for maintaining training program and content development for analysts
• Oversee security incident escalations from Tier 2 to Incident Response
• Ensure adherence to established Service Level Agreements (SLAs)
• Design requirements for new use cases based on security intelligence
• Develop and coach junior SOC analysts as an opportunity to build future talent for the broader Enterprise Information Risk Management organization
• Establish and ensure adherence to Service Level Agreements (SLAs), following a risk-based approach that is align with the organization’s top risks as identified through the Threat & Vulnerability Assessment (TVA) process