Head of MDR/SOC - CSIS Security Group A/S Vestergade, København, Danmark Bookmark Share Print 1573 0 2

Listing Description

MDR Centre Manager

CSIS is seeking a talented Manager for our market-leading Managed Detection & Response (MDR) Centre. 

CSIS is Denmark’s leading cybersecurity services company. MDR is one of our 3 strategic growth pillars, and due to our continued commercial success and dynamic ambitions, we are looking for top talent to join our expanding team.

You are already an experienced cybersecurity professional, leading a team of analysts in an MDR Centre or SOC. You will have strong team management, communication and organizational skills. You will have a high-performance approach to management and be process-driven. You will also have significant security analyst and incident response experience.

About the role:

The MDR Centre Manager is responsible for hiring, managing, training and developing all CSIS’s Security Analysts. The team delivers 24x7x365 detection, response, and customer engagement for our MDR service. The manager will own processes, SLA metrics and reporting. The MDR Centre Manager is responsible for effective communication between MDR Engineering, Sales, Consulting and other functional areas in the company.

The MDR Centre Manager is responsible for functional processes and the performance of the MDR Centre.  This will include Incident Triage, Incident Investigation, Incident Escalations and any other functional role required to deliver exceptional value to customers.  This team member will partner with Portfolio Management and the MDR Product Owner to drive enhancements and evolution of the function they own and improvements within the team's platform.

Security Analysts are responsible for investigation and incident response capabilities for all customers.  The MDR Centre Manager can lead the team through the process and execute effectively when customer breaches require immediate investigation.

This role reports to the Director of MDR and would require relocation to Denmark.

Your primary responsibility will be to:

• Operate and lead our 24x7 MDR Center. While this role is considered business hours, there might, on rare occasions, be additional responsibilities in regards to supporting the team in off-hours.
• Be a subject matter expert on event monitoring, triage, and response capabilities.
• Lead daily operations for a dedicated team of Security Analysts performing MDR services.
• Manage a 15+ member team of Security Analysts accountable for the execution of detection, response, and customer requests.
• Develop, enhance, and operationalize processes to better deliver against customer expectations.
• Develop, measure, analyze, and maintain the internal and external service metrics for Service Operation, providing timely reports to the Director of MDR.
• Leverage metrics to make better-informed decisions on how to improve the capability and functionality of the organization.
• Drive people management responsibilities.
• Provide escalation support for both customer management challenges, security incidents, and ticket triage functions.
• Lead, coordinate, and train others on effective management of security incidents and operational responses for customers.
• Lead post-incident analysis and documentation.
• Work effectively with the Innovation & Development team to improve the MDR platform and Threat Intelligence Portal.
• Ensure that the organization stays current with new and emerging threats, security risks, and potential impacts to the business.
• Seek innovative approaches to security incident response programs.
• Assist with various audit of internal compliance to cybersecurity policies.
• Communicate exceptionally well with business and technical audiences.
• Ability to lead remote team members, as not all team members will be in the local office at all times.

Essential requirements:

• At least 5 years of experience in cybersecurity; ideally 2+ years in a management role with an MDR/SOC/Vulnerability management position 
• Experience leading and managing the security operations team
• Knowledge of relevant technologies: EDR, NDR, SIEM
• Knowledge of industry adopted frameworks and methodologies (e.g., MITRE ATT&CK, NIST)
• Able to work or relocate to Copenhagen 
• a clean criminal record and get approval for security clearance HEM
• Fluent English. 

Sounds like you? Then reach out to Casper Høgh on Casper@hawkRec.com, Who handles this recruitment on behalf of CSIS.

About CSIS:

Founded in 2003, CSIS Security Group A/S (CSIS) is a leading provider of advanced cybersecurity capabilities, focused on actionable and intelligence-driven detection and response services. We are the preferred cybersecurity partner to notable organizations across various sectors, including Banking & Financial Services, Energy & Utilities, Manufacturing, Transportation & Logistics, and Government & Public Sector. We are a trusted adviser to law enforcement agencies (including the FBI, NCA, Europol) and are also sought-after speakers for public and closed-community conferences worldwide. Additionally, our depth of expertise and distinguished reputation ensures that we are regularly called upon as expert commentators on cyber topics for the media.