SOC Lead

Costa Rica

āš ļø We'll shut down after Aug 1st - try foošŸ¦ for all jobs in tech āš ļø

DeepSeas

Nearly 1,000 organizations trust DeepSeas to transform their cybersecurity program with 24x7 detection and response, pen testing, and vCISO services.


SOC Lead

Department: Threat Management: Strategic Services

Employment Type: Full Time

Location: Costa Rica
Description

Company Background

With 30 years of experience in cyber defense, DeepSeas is trusted by nearly 1,000 clients around the world, including Fortune 100 enterprises and mid-market organizations, higher education institutions, municipality and local governments, and federal agencies. Known for its programmatic approach to continuously transforming cyber defense programs, DeepSeas is recognized by Gartner as a top 40 provider of MDR and ranked as a top 5 MDR leader in the 2024 Frost Radar™: Global Managed Detection and Response (MDR) Market. In addition to its industry-leading MDR service, DeepSeas offers a full suite of advisory, compliance, and testing services to support clients on their cybersecurity transformation journeys, with an approach to cyber defense that prioritizes technical expertise, tradecraft, and continuous innovation to deliver unparalleled results.

Position Overview

DeepSeas is a trusted provider of Managed Detection & Response (MDR), threat intelligence, and advisory services, helping organizations navigate complex cyber risks with confidence. As we expand our services portfolio, we’re seeking driven, strategic Product Managers to lead the development, execution, and lifecycle management of our cybersecurity offerings.

As a Product Manager for Cybersecurity Services, you will play a pivotal role in defining and managing a suite of cutting-edge services within DeepSeas’ portfolio. You’ll work cross-functionally with engineering, sales, marketing, and operations to bring services to market, refine offerings based on market demand and client feedback, and ensure commercial success.

This role requires a blend of strategic thinking, technical aptitude, market awareness, and operational execution.


Key Responsibilities

  • Lead and mentor a team of L1 and L2 incident responders in handling security incidents.
  • Coordinate with internal and external stakeholders during high-severity incidents.
  • Develop, refine, and test incident response playbooks and procedures.
  • Conduct advanced threat-hunting activities to detect sophisticated adversaries.
  • Collaborate with threat intelligence and vulnerability management teams to stay updated on emerging threats and vulnerabilities.
  • Provide expert guidance in root cause analysis and post-incident reviews.
  • Develop and fine-tune detection rules to enhance threat detection capabilities.
  • Use frameworks like MITRE ATT&CK to understand and categorize threat actor TTPs.
  • Drive continuous improvement initiatives within the SOC.
  • Generate metrics and reports on incident response activities and trends for leadership.
  • Conduct regular briefings to leadership on security incidents and trends.
  • Develop and maintain scripts to automate and enhance incident response processes.
  • Conduct in-depth malware analysis to determine malware samples' functionality, origin, and impact.
  • Collaborate with threat intelligence teams to correlate malware findings with known threat actor campaigns.
  • Provide recommendations to enhance detection and prevention capabilities based on malware analysis findings.
  • Lead digital forensics investigations, including memory forensics, to uncover evidence and artifacts related to security incidents.
  • Oversee network forensics activities to analyze network traffic logs and detect malicious activities or patterns.
  • Serve as a subject matter expert on incident response and provide guidance and advice to the organization’s leadership.

Why DeepSeas?

At Deep Seas, we like to say that heart rates go down, careers take off, and security programs mature. Our values provide the ultimate guide for our daily behavior and decisions. Without these values, we aren’t Deep Seas. They preserve the essence of our organization, reflect the personalities of our Deeps (how we affectionately refer to our teammates), and enable us to exceed expectations. Our values are:
  • We are client obsessed.
  • We stand in solidarity with our teammates.
  • We prioritize personal health and well-being.
  • We believe in the power of diversity.
  • We solve hard problems at the speed of cyber.
This is your chance to join a supportive crew of teammates and an industry-leading organization that values opportunities for growth. If DeepSeas sounds like a good fit for you, send us your resume and let’s talk!

Information security is everyone’s responsibility:
  • Understanding and following DeepSeas’s information security policies and procedures.
  • Remaining vigilant and reporting any suspicious activity or possible weaknesses in DeepSeas’s information security.
  • Actively participating in DeepSeas’s efforts to maintain and improve information security.
  • DeepSeas considers this position Moderate Risk, with the potential to view, access, or download restricted or private client and internal data. This information must be treated with sensitivity and in the most secure manner. HR reserves the right to perform random background and drug screens to ensure the safety of client and DeepSeas data.
Category: Leadership Jobs

Tags: Compliance Cyber defense Forensics Incident response Malware MITRE ATT&CK SOC Threat detection Threat intelligence TTPs Vulnerabilities Vulnerability management

Perks/benefits: Career development Startup environment

Regions: Remote/Anywhere North America
Country: Costa Rica
