  • Supervisor, Incident Response & Monitoring (CSOC)

    Navy Federal Credit Union

    The Supervisor for Incident Response & Monitoring (IRM) provides operational oversight to the computer incident response and security monitoring function of the Navy Federal Cybersecurity Operations Center (CSOC). The Supervisor will work closely with the CSOC Manager and the IRM Technical Supervisor to define the strategic vision for the team and help mature a constantly evolving computer network defense program.

Description

The Supervisor provides leadership, guidance, and procedural expertise on a day-to-day basis, and is responsible for ensuring staff is responsive and timely in analyzing and responding to critical events while performing 24/7/365 monitoring of NFCU’s global information technology environment.

The Supervisor will work closely with additional teams of information security analysts and engineers to protect Navy Federal’s brand, data, and IT assets from cyber-based threats.


Responsibilities

Oversee the 24/7/365 shift operations for the computer incident response and security monitoring function of the Cyber Security Operations Center (CSOC), protecting both employees and a growing customer member base from cyber threats. Primary responsibilities include:

  • Managing the day-to-day operations and ensuring continuity between staff across shifts and geographically separated locations.
  • Defining and implementing operational metrics and reporting based on Key Performance Indicators (KPIs), including associated workflows related to security event monitoring and the response to cyber incidents.
  • Defining and implementing processes, procedures, and standards that are consistent with industry best practices.
  • Ensuring incidents and investigations are thoroughly documented for the purposes of facilitating record keeping, process improvement, lessons learned, trend analysis, and senior leadership reporting.
  • Providing guidance in the development and maintenance of Standard Operating Procedures and similar documentation.
  • Ensuring staff at all levels consistently apply defined processes and procedures to established standards.
  • Escalating issues to management in a timely manner with appropriate information regarding risk and impact.
  • Managing team personnel, including performance management and professional development, and providing leadership, guidance, and technical expertise on a day-to-day basis.
  • Executing ad-hoc tasks or leading small projects as needed.

Qualifications

Candidates must possess:

  • Several years of experience serving in a senior analyst or supervisory role within a large enterprise SOC or Information Technology (IT) operations center.
  • Expert-level understanding and experience in the practical application of the Incident Response Lifecycle and associated best practices.
  • An understanding of network and host-based forensic methodologies.
  • Demonstrated knowledge of enterprise-grade security technologies and capabilities, including Security Information and Event Management (SIEM), log management and search, incident case management, intrusion detection/prevention systems, antivirus, full packet capture, data loss prevention (DLP), firewall, web proxy, and user/endpoint behavior analytics (UEBA).
  • An understanding of the current threat landscape and adversary tactics, techniques and procedures (TTPs).
  • Demonstrated knowledge of information security programs and operations, and data security practices and procedures, including risk identification/assessment.
  • Strong problem solving and critical thinking abilities.
  • A strong desire for continuous process improvement and excellence.
  • Excellent verbal and written communication skills, including the ability to convey technical details in a clear and understandable manner to both technical and non-technical audiences.
  • Strong leadership qualities, including the ability to team-build, lead, mentor, and motivate others.
  • The ability to foster teamwork and collaboration across operational teams.
  • Strong planning and organizational skills.

Desired:

  • Knowledge of industry standards and frameworks including ISO, ITIL, COBIT, and NIST.
  • Previous experience within the financial sector.
  • Preferred certifications: GIAC (e.g., GCIH, GCIA, GCFA, etc.), CEH, CISSP, or Security+.
  • Experience with RSA SecOps and Splunk Enterprise Security (ES).

Hours: 8:00am – 4:30pm, Monday - Friday, and as business needs dictate

Details

  • Travel: No travel
  • Incentives: Not provided
  • Clearance & Citizenship: U.S. Citizenship
  • Remote Work: No remote work
  • Education: High School Diploma
  • Salary Range: Not provided
