SUMMARY
The Security Operations Centre (SOC) Manager will manage the SOC functions and operations. Ensure the monitoring and analysis of incidents addressing all security incidents and ensuring timely escalations. The Security Operations Center Manager provides direction to analysts as well as a liaison to the Security Engineering teams.

Responsibilities
Manage the day-to-day SOC Operations as well as additional Incident Response activities as required
Supervise the SOC team, provide technical guidance, and interface with teams as needed
Oversee all management activities related to SOC operations including but not limited to people management, training, and mentoring.
Revise and develop processes to strengthen the current Security Operations Framework, review policies and highlight the challenges in managing SLAs
Regularly interact with senior leadership and agency technology leadership.
Serve as a member of the CSIRT leadership team, with the role of IR Manager
Responsible for running the periodic IR tests, writing IR Test reports, and driving 'lessons learned' activities.
Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring
Creation of reports, dashboards, metrics for SOC operations and presentation
Timely threat intel information sharing with public and private partners.

Responsibilities:
1. Expertise in implementing, administrating and operating information security technologies such as firewalls, IDS/IPS, SIEM, Antivirus, network traffic analyzers and malware analysis tools.
2. Utilizes advanced experience with scripting and tool automation such as Perl, PowerShell, Regex.
3. Develops, leads, and executes information security incident response plans.
4. Develops standard and complex IT solutions & services, driven by business requirements and industry standards.
5. May also leverage dynamic and static code assessment tools to measure vulnerability of applications throughout the SDLC.