SOC Analyst Team Shift Supervisor

Clark

Thrive

Thrive is a leading provider of outsourced IT infrastructure. Our managed services provide customers with a strategic advantage as they secure, scale, and succeed.


About Us:  

Thrive is a rapidly growing technology solutions provider focusing upon Cloud, Cyber Security, Networking, Disaster Recovery and Managed Services.  Our corporate culture, engineering talent, customer-centric approach, and focus upon “next generation” services help us stand out amongst our peers.  Thrive is on the look-out for individuals who don’t view their weekdays spent at “a job”, but rather look to develop valuable skills that ignite their passion and lead to a CAREER.  If you’re attracted to a “work hard, play hard” environment, seeking the guidance, training, and experience necessary to build a lucrative career, then welcome to THRIVE!!  

  

Position Overview:  

With a growing client base, Thrive is continuing to build out its security team.  We are looking to hire a SOC Analyst Team Shift Supervisor to take a role within our Security Operation Center to lead and mentor a team of analysts while at the same time developing and maintaining critical security processes and procedures.  The ideal candidate will have a passion for information security and will value what a properly managed Security monitoring solution can bring to our client needs.  The candidate should have a solid technical security background combined with customer service expertise, and a problem-solving attitude with an ability to motivate his/her team to achieve specific goals while ensuring high quality technical support and high client satisfaction.  

  

Primary Responsibilities:  

  • Manage and mentor a team of security analysts in the daily operations of the SOC 

  • Responsible for SOC Analysts during your shift 

  • Handle a variety of personnel management duties such as: 

      • Periodic meetings, one-on-one meetings, annual performance reviews, etc. 

      • Ongoing employee KPIs and evaluation metrics. 

      • Reviewing and approving PTO and Expense Report requests. 

      • Other miscellaneous management duties as required. 

  • Ongoing training of direct reports and assist with training for the team as a whole.  

  • Assist through the hiring process, including applicant review, interviews, candidate evaluations and the initial training of new employees. 

  • Assist with the development and implementation of processes and procedures for incident response, threat detection and analysis, security event management, and reporting.  

  • Assist with maintaining the SOC's incident response playbooks and incident management procedures.  

  • Perform security event monitoring using Security Information and Event Management (SIEM) from multiple sources, including but not limited to, events from network and host-based intrusion detection/prevention systems, network infrastructure logs, systems logs, applications, and databases.  

  • Investigate intrusion attempts, differentiate false positives from true intrusion attempts, and perform in-depth analysis of exploits.  

  • Lead incident response for confirmed security incidents and follow through until resolution.  

  • Actively investigate and stay current on the latest security threats, vulnerabilities, advisories, incidents, and TTPs (tactics, techniques, and procedures) and work with Security Engineering team to recommend use cases.  

  • Proactive monitoring and response to known and/or emerging threats.  

  • Carry out Thrive’s information security strategy both internally and externally for 400+ clients worldwide.    

  • Work within Thrive’s security standards and best practices and recommend future enhancements.   

  • Stay abreast of security events and techniques to keep our clients protected.  

  • Provide escalation assistance, as needed, to the employees working during your shift. 

  • Ensure everyone on your shift is delivering excellent customer service, and assist with any client escalations or communications (e.g. calls, meetings, etc.) to handle concerns. 

  

Qualifications:  

  • Has advanced knowledge of the following systems and technologies:   

      • SIEM (Security Information and Event Management) 

      • TCP/IP, computer networking, routing, and switching 

      • IDS/IPS, penetration and vulnerability testing 

      • Firewall and intrusion detection/prevention protocols 

      • Windows, UNIX, and Linux operating systems 

      • Network protocols and packet analysis tools 

      • EDR, anti-virus, and anti-malware 

      • Content filtering 

      • Email and web gateways 

  • Advanced knowledge of Azure/O365 environments 

  • Advanced knowledge of domain structures  

  • Demonstrates comprehension of good security practices  

  • Professional experience in a system administration role supporting multiple platforms and applications  

  • Ability to communicate network security issues to peers and management 

  • Able to successfully supervise and mentor team members 

  • Excellent written and verbal English communication skills 

  • Able to work under pressure and handle client communications successfully 

  

Required Skills:  

  • Computer Networking & Security  

  • Experience with creating playbooks and effective security processes  

  • Operating System Internals  

  • Familiarity with TCP/IP network protocols, application layer protocols (e.g., HTTP, SMTP, DNS, etc.).  

  • Excellent Written and Verbal Communication Skills  

  • Experience with firewall functionality and configurations  

  • Experience in a team lead or similar role 

  • Experience training and/or mentoring employees 

Preferred Skills:  

  • Knowledge of common Windows and Linux/Unix system calls and APIs  

  • Understanding of Anti-Virus  

  • Knowledge of programming languages.  

  • Knowledge of internal file structures for file formats commonly associated with malware (e.g., OLE, RTF, PDF, EXE, etc.)  


Tags: APIs Azure Cloud DNS EDR Exploits Firewalls IDS Incident response Intrusion detection IPS KPIs Linux Malware Monitoring Network security Security strategy SIEM SMTP SOC Strategy TCP/IP Threat detection TTPs UNIX Vulnerabilities Windows

Perks/benefits: Career development Team events

Region: North America
Country: United States
