Cybersecurity SOC Team Lead

Benefits:

• Competitive compensation

• Medical, Dental, and Vision insurance

• 401(k) Retirement Savings Plan with substantial company match

• Life and Travel Insurance

• Tuition Assistance

• Wellness Reimbursement Program

• Paid Holidays and Vacation

What is a Cybersecurity SOC Team Lead?

We are seeking a diligent and experienced Cybersecurity SOC Team Lead to join our team. In this role, you will be working within a group of highly motivated Information Technology and Cybersecurity professionals committed to keeping Central Hudson safe. The Cybersecurity SOC Team Lead leads a team of SOC Analysts and assists them in their daily operations as they proactively seek out adversaries. The Team Lead is an escalation point for the SOC Analysts and a Liaison with our Cybersecurity Engineers.  A Cybersecurity SOC Team Lead must possess various technical skill sets and experience to assure security events are analyzed and managed appropriately from the detection to the remediation phase of an event or incident. The ideal candidate will have a strong understanding of modern security principles, excellent analytical skills, and the ability to communicate effectively with internal stakeholders and vendors alike.

What does a Cybersecurity SOC Team Lead do?

• Oversees daily SOC activities, ensuring timely detection and response to security incidents

• Continuously reviews and enhances SOC processes, including playbooks, response procedures, and threat hunting practices

• Supervises, mentors, and develops the SOC Analysts

• Initial escalation and notification point for SOC Analysts

• Leads post-incident reviews and ensures lessons learned are documented and applied

• Prepares detailed reports on SOC performance and incident trends

• Assists Cybersecurity Engineers with tuning false positive and/or true positive non-actionable security events

• Represents the Security Operations Center at internal/external meetings

• Oversees and leads incident response and investigation activities, ensuring timely resolution

• Fosters a collaborative environment for sharing insights and strategies

• Provides timely updates on ongoing incidents and emerging threats

• Highlights key metrics and performance indicators

• Proactively hunts for threats and vulnerabilities within the corporate environment

• Generates detailed reports on security incidents, including findings, action taken, and recommendations for future prevention.

• Provides regular status updates to management and stakeholders

• Works closely with other IT and security teams to ensure comprehensive incident management and response

• Monitors news, security sites, and other threat actor activity channels for new/current threats and stays updated on emerging cybersecurity threats and technologies

• Promotes and raises awareness by educating others about the importance of cybersecurity

• Builds relationships with government and local agencies to promote collaborative information sharing

• Supervises employees working in a 24/7 shift environment, including nights, weekends, and holidays and participates as needed

• Participates in on-call as needed to respond to security incidents outside of regular working hours

• Provides storm/emergency response support

What does it take to be a Cybersecurity SOC Team Lead?

Required:

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science or related field of study and 3 years of experience in cybersecurity. In lieu of a bachelor’s degree, an associate degree in the aforementioned fields and 5 years of cybersecurity operations or related experience or a high school diploma or equivalency degree and 7 years of cybersecurity operations or related experience will be considered

• In-depth knowledge of security operations, including SIEM, SOAR, EDR, IDS/IPS, malware analysis, email security, and endpoint protection

• Demonstrated ability to develop, tune, and optimize use cases for alerting in a SIEM platform

• Proficiency in threat hunting techniques and methodologies to proactively identify and mitigate potential threats

• Proven hands-on experience in working collaboratively with an Incident Response team, including the ability to manage and coordinate responses during cybersecurity events and incidents.

• Experience in drafting and maintaining SOC operating procedures and playbooks

• Experience with data visualization tools to analyze and present security data effectively

• Knowledge of common and emerging attack vectors, penetration methods and countermeasures

• Familiar with and have worked within Cyber Security Frameworks such as: NIST 800 – 61, Attack Life Cycle, SANS Security Controls, MITRE

• Effective communication skills, with the ability to collaborate with diverse teams, and communicate complex concepts clearly and concisely

• Must have excellent analytical, multitasking, organizational and decision making skills

• Ability to work with limited direct supervision and professionally respond to constructive feedback

• Ability to work nights, weekends, holidays during a critical cyber incident or event

• Valid driver’s license

Preferred:

• SOC leadership or management experience implementing cybersecurity frameworks (MITRE ATT&CK, NIST, CIS), incident response methodologies, and threat intelligence practices.

• Familiarity with scripting languages for automation and analysis

• Experience in conducting risk assessments, developing risk mitigation strategies and evaluating contractual agreements

• Experience in Energy & Utilities or services industry

• Relevant certifications such Systems Security Certified Practitioner (SSCP), CompTIA Security+, CompTIA Cybersecurity Analyst (CySA+)

Applications will be accepted until January 2, 2025. 

Pay range: $124,600-193,200

Please go to https://www.cenhud.com/employment. Click the “Search Career Opportunities” button. Follow the directions to submit an application and upload your resume for the desired position.

Applications sent via e-mail and US Mail will not be accepted.  No phone calls or agencies, please.  All replies will be held in strict confidence.

All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, creed, color, ethnicity, arrest or conviction record, religion, sex, sexual orientation, gender identity or expression, national origin, age, disability, citizenship, genetic information, familial status, marital status, pregnancy-related condition, domestic violence victim status, veteran or military status, or any other characteristic protected by federal, state or local laws. Central Hudson Gas & Electric Corporation takes affirmative action in support of its policy to employ and advance in employment individuals who are minorities, women, protected veterans, and individuals with disabilities.

VEVRAA FEDERAL CONTRACTOR