EXTERNAL CLIENT ROLE
As the Lead SIEM Operations Engineering Manager, you would be responsible for the management of the global SIEM Operations team. The team ensures that the bank’s SIEM environment is fully operational at all times, so as to enable the SOC to discover, detect, and disrupt cyber threats in real time. Additionally, the team is responsible for all SIEM-related software and hardware problem resolution, maintenance, testing, upgrades and overall resiliency of the environment in conjunction with our clients. The team comprises resources in multiple locations and includes both full-time employees and vendor resources.
Your Key Responsibilities:
- Support the overall global Cyber Security Analytics Engineering team in managing scope, cost, schedule, risks, SLAs, KPIs, OLAs and deliverables while adhering to staffing and budgeting requirements
- Manage the Global 365x24x7 SIEM Operations environment, including capacity planning and software and hardware upgrades, developing appropriate and consolidated implementation and communications plans to move forward where necessary
- Work with Global Head of Cyber Security Analytics Engineering and team leads to ensure the global SIEM environment is assessed periodically against emerging cyber threats and technology, as well as future bank needs.
- Where appropriate, help develop, plan and implement the next-generation SIEM for the bank
- Work with clients to understand their requirements and prioritize delivery while leading/collaborating with an internationally distributed team of experts (both internal and external implementation partners)
- Serve as SIEM owner, escalation point and single point of contact for all things SIEM-related
Your Skills and Experience:
- Hands-on technical working/implementation experience with data analytics, security use case development or SIEM tool
- Cloud experience (Azure, GCP, Openstack, Cloudera, etc.); large datasets and file systems (Hadoop, etc.) a plus
- Experience investigating, evaluating, proposing and implementing chosen security tools and processes globally for hybrid on-prem/cloud environments preferred
- Experience implementing HA/BCP/DRP
- PMI PMP or equivalent