Kansas Works Jobs


Job Information

Verint Systems, Inc. Team Lead, SOC (Security Operations Center) in Topeka, Kansas

Team Lead, SOC (Security Operations Center)

Location US-Remote (United States)

Job ID 15501

Overview of Job Function:

The Team Lead, SOC will be a hands-on member of the global Security Operations Center team function for Verint. This position involves working with internal and external threat research teams, management of a 24x7x365 Security Operations Center and 24x7 operational management of security incidents, responses, analysis, and investigations. This will include working with internal teams and managing vendor engagements.

Principal Duties and Essential Responsibilities:

  • Perform as a Team Lead of the Security Operations Center.

  • Responsible for security event monitoring, management, and response.

  • Responsible for ensuring that security incident identification, assessment, quantification, reporting, communication, mitigation and monitoring are handled in a timely manner to protect Verint assets, infrastructure, and data.

  • Ensure SLA compliance, process adherence and process improvement to achieve operational objectives.

  • Revise and develop processes to strengthen the current Security Operations framework; review policies and highlight the challenges in managing SLAs.

  • Responsible for vendor management for the Security Operations Center, including the overall use of vendor resources and corrective action where required.

  • Administration & maintenance of security devices and platforms to ensure accurate protection and reporting.

  • Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring.

  • Responsible for working with our security architecture team on the integration of standard and non-standard logs in Splunk SIEM.

  • Creation of reports, dashboards, metrics for SOC operations and presentation to senior management.

  • Performs other duties and responsibilities as assigned by IT Management.

Minimum Requirements:

  • Bachelor’s degree in IT, Security Analysis, Security Forensics, or related field or equivalent work experience.

  • 3+ years of experience in a SOC environment including investigations, analysis and 1-2 years of experience as a Team Lead including managing and coaching employees.

  • Proficient in Incident Management and Response including ITIL Framework processes.

  • Experience in security device management and Splunk SIEM required (Additional knowledge of Cisco security products preferred).

  • In-depth knowledge of data security solutions and concepts such as cyber-attacks and techniques, threat vectors, risk management, and incident management.

  • Experience in threat management and response.

  • Basic knowledge of various operating system flavors including but not limited to Windows, Linux, Unix.

  • Basic knowledge of applications, databases and middleware, sufficient to address security threats against them.

  • Proficient in preparation of reports, dashboards and documentation.

  • Experience presenting complex technical concepts to both technical and non-technical personnel, as well as drafting security policies and procedures.

  • Ability to handle high-pressure situations with key stakeholders while maintaining a professional demeanor.

  • Good analytical, problem solving, communication and interpersonal skills.

  • Strong time management and organizational skills with the ability to handle frequent deadlines and unplanned requests for quick action or response.

  • Must be able to travel 25%, domestic and international once COVID-19 restrictions are lifted, and safe travel is possible.

  • Successful completion of a background screening process including, but not limited to, employment verifications, criminal search, OFAC, SS Verification, as well as credit and drug screening, where applicable and in accordance with federal and local regulations.

  • The ability to obtain the necessary credit line required to travel.

Preferred Requirements:

  • Advanced degree in a security field of study such as Threat Analysis or Forensics.

  • Experience utilizing ServiceNow for event, incident, problem, request, and change management.

  • ITIL coursework or certification.

  • Experience/exposure to ITIL best practices.

  • Expert level experience with Splunk SIEM and defining security alerts.

  • In-depth experience with Cisco Security Tools including AMP, Umbrella, etc.
