As part of this role you will need to build out and manage a 24/7/365 frontline security operations team, including:
Defining roles and recruiting suitable candidates for SOC operations
Personnel development: hiring, training, performance reviews, mentoring and managing career progression
24/7/365 rota management
Oversight of all security alerts generated across the Sophos infrastructure, and of the escalation processes that ensure appropriate investigation and resolution.
Developing, documenting and implementing SOC processes and technologies, including monitoring and alerting across infrastructure and applications, threat hunting, access control, incident response, forensics, etc.
Providing thought leadership and process excellence in building out SOC functions, SOC teams and day-to-day operations.
Ensuring process adherence via strict controls, staff education and enablement.
Acting as the escalation point for security alerts and, when necessary, raising, managing and coordinating security incidents.
Reporting on security alert levels and assigning resources appropriately to ensure continued triage of events.
Communicating vertically throughout the organization via metrics, progress reports and methodologies.
Managing small teams on IT security projects and activities.
You will also need to contribute towards:
Determining the root cause of alerts and incidents and communicating it appropriately.
Feeding back on the performance of Sophos products to product implementation specialists and engineering teams.
Continual improvement of our SIEM.
Risk assessment and threat modelling exercises.
Expert training and knowledge transfer to peers, the security operations centre and the wider IT team.
Staff education and awareness.