Overview
The Security Operations Center (SOC) coordinator is responsible for ensuring the ICRC is prepared to detect, respond to and recover from cyber-attacks. The role oversees day-to-day operations of the ICRC's hybrid SOC across Security Monitoring and Incident Response.
Key Responsibilities
- Support the CISO function in delivering the ICRC cyber security strategy and continuously evolving the SOC mission
- Coordinate all SOC functions (cyber security monitoring, cyber security incident response, vulnerability management and threat intelligence) and daily interaction with the MSSP
- Coordinate a team of Cyber Security Engineers
- Ensure SOC adherence to security policies and procedures; revise and develop SOC-related policies, standards and procedures within the Information Security Framework
- Deliver agreed SOC measurables and metrics to the CISO
- Ensure efficient cyber security incident identification, triage, reporting, communication and monitoring via MSSP
- Ensure efficient operation of standard reporting channels for suspected cyber security incidents
- Responsible for overall coordination and execution of the response to Tier 1, 2 & 3 cases
- Assign tasks to Cyber Security Engineers
- Manage escalated, unresolved, persistent or repetitive cases
- Support Cyber Security Engineers in disseminating incident-related information to constituents and concerned parties via established processes, tooling and communication channels
- Work closely with vulnerability management functions to ensure required corrective actions, notably security patches, are applied appropriately and in a timely manner
- Contribute to the continuous improvement, evolution and extended scope of the vulnerability management process
- Work closely with threat intelligence functions to ensure SOC detection capabilities are appropriately enriched via internal and external TI feeds
- Based on TI feeds, plan and coordinate threat hunts and responses with Cyber Security Engineers
Required Experience
- Minimum 3 years of professional experience in cyber security
- Experience working in an international and multicultural environment
Qualifications
- University degree in Computer Science, Engineering, or related field (a major in security is an asset)
- Security certifications (CISSP, CCSP, SANS GIAC, CEH, Security+ and/or Offensive Security) are a strong asset