Manager SOC Analayst

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM.

Position Summary

To address the most critical needs of our clients, RSM US LLP established the Security and Privacy Services group, comprised of more than 300 professionals dedicated exclusively to serving the cybersecurity needs of our clients. This group includes experienced consultants located throughout the United States, Canada, El Salvador, and India dedicated to helping clients with preventing, detecting, responding, and recovering to security threats that may affect their critical systems and data. We serve a diverse client base within a variety of industries, and we are relied upon to provide expertise across the full suite of security and privacy capabilities including managing the daily activities associated with our clients’ security operations.

We are seeking individuals with both broad and deep managed security services experience and skills to join our team and run the ongoing security operations for RSM clients in a variety of industries and geographic locations. Successful candidates will have solid working knowledge of security monitoring and detection leading practices, understanding of industry threat and attack models, experience conducting threat hunting and intelligence activities, automation and orchestration trends and innovation as well as experience leveraging this knowledge to benefit organizations in an operational capacity.

As a leader within the Managed Security Services practice, the successful SOC Manager will direct a centralized and geographically disbursed team of security operations personnel aligned to either a day or evening shift, ensuring consistency of service delivery and a smooth transition between shifts. These individuals will also work across multiple client accounts within a wide variety of industries. They are responsible to manage a number of senior analysts and analysts working within the security operations center. Working with the Global SOC Operations Lead, this role supports our professionals by instilling a mutually respectful team environment that allows for them to operate at their best and integrate their career with their personal life. SOC Managers typically have 7-10 years of experience in the following areas:

• Overseeing the assigned shift and continually mature the security operations center activities
• Providing consolidated reporting and dashboards to operational leadership
• Working with the recruiting team to conduct technical interviews of potential analysts
• Demonstrating the ability to manage security operations teams, identify necessary skill sets and opportunities for continued team member professional growth
• Providing leading practice recommendations in security operations, incident response, vulnerability management and automation
• Understanding native monitoring tools available from common cloud platforms
• Supporting simple to complex enterprise managed security solutions for a variety of business use cases and requirements
• Guiding and mentoring client counterparts through the ongoing operational activities
• Mentoring and directing analysts, conducting quality reviews of their activities, providing direction, and serving as technical lead

Required Qualifications:

• Bachelor's degree or higher
• 7-10 years of related work experience, specifically 5+ years of security operations center experience operating in the cloud and/or on premise
• Proven experience leading security operations center teams including interacting with external client teams and supporting operational protocols
• Experience using the ServiceNow suite for overall security operations workflow management
• Utilizing SIEM technologies such as Splunk, LogRhythm, Azure Sentinel, and StellarCyber
• Experience building and maturing security operation center capabilities and operations
• Experience serving complex architectures and environments (cloud, on-prem or hybrid)
• Experience with various automation platforms such as security orchestration and automated response (SOAR) tools
• As this role will be client facing during incident investigations, being able to communicate effectively, both in writing and verbally in English is mandatory
• Ability to interact effectively with internal and external resources at all organizational levels
• Excellent project management, organization, and follow-up skills
• Strong critical thinking and problem-solving skills

Experience with the following platforms is preferred:

• Common cloud platforms – Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform
• SOAR tools such as: Torq, Phantom, Forescout, etc.
• Proficiency with AWS Security Center and popular security services (IAM, Key Vault, etc.)
• Knowledge and proficiency with popular cloud security services (VPC, RDS, IAM, WAF, IDS/IPS, AS3, SQS, SNS, CloudWatch, CloudTrail, Inspector, Config, etc.)
• Vulnerability tools such as: Kenna, Tenable, Qualys, etc.
• Threat intelligence tools such as Recorded Future and ThreatConnect
• Endpoint detection and response tools such as: SentinelOne, Crowdstrike, Defender, etc.
• Microsoft 365
• Cloud access service brokers such as Netskope, ZScaler, McAfee, Forcepoint
• Containers (Kubernetes, Docker) and security leading practices

You want your next step to be the right one. You’ve worked hard to get where you are today. And now you’re ready to use your unique skills, talents and personality to achieve great things. RSM is a place where you are valued as an individual, mentored as a future leader, and recognized for your accomplishments and potential. Working directly with clients, key decision makers and business owners across various industries and geographies, you’ll move quickly along the learning curve and our clients will benefit from your fresh perspective.

Experience RSM. Experience the power of being understood.