Manager, Security Operations Center
Bangalore, India
ECI
ECI is the leading global provider of managed services, cybersecurity, and business transformation for mid-market financial services organizations across the globe. From its unmatched range of services, ECI provides stability, security and improved business performance, freeing clients from technology concerns and enabling them to focus on running their businesses. More than 1,000 customers worldwide with over $3 trillion of assets under management put their trust in ECI.
At ECI, we believe success is driven by passion and purpose. Our passion for technology is only surpassed by our commitment to empowering our employees around the world.
The Opportunity:
ECI has an exciting opportunity for a Manager, Security Operations Center, who will lead the team and oversee the development and day-to-day operations of our managed security services solution. This position will oversee planning, designing, staffing, budgeting, people management and the implementation of multiple managed security services for global customers, including security monitoring. The successful candidate will have extensive experience in managing SOC teams within a Managed Security Operations function, particularly with a focus on Managed Detection and Response (MDR) and Managed SIEM.
The role involves a hands-on approach to daily SOC activities, strategic leadership in process enrichment, and effective communication with senior leadership. This critical role requires a balance of technical expertise, strategic thinking, and leadership skills, and a proven track record in leading high-performing SOC teams. The manager will also develop strategies to identify, manage, and mitigate identified threats and vulnerabilities in order to attain the desired risk profile, and communicate those strategies to key stakeholders. In addition, the manager will research and investigate new and emerging vulnerabilities, including zero-day events, assess them against the risk to the corporate and production environments, and participate in external security communities.
This is an onsite role.
What you will do:
- Oversee the 24x7x365 Security Operations Center's processes, technology and people who monitor security tools and assess threats and risks involving client infrastructure.
- Ensure that all Managed Service deliverables are produced on time and within strict SLA time frames, while maintaining an innovative growth culture within the SOC team.
- Act as the escalation point for the SOC technical team.
- Architect and engineer the complete managed services platform for delivery of managed security services to customers across the globe in the areas of security monitoring, security operations, threat and vulnerability management, and threat intelligence.
- Plan, design, staff, budget and implement multiple managed security services for global customers, including security monitoring.
- Manage expense priorities, provide recommendations and implement changes to methods and processes.
- Partner with other department leaders to establish strategic plans and objectives for the team and the company.
- Make final decisions on administrative and operational matters.
- Responsible for hiring and onboarding new hires.
- Orchestrate real-time incident response for Eze Castle Integration's clients. Launch, mentor and track investigations to resolution.
- Handle client meetings, act as point of contact for client requirements, and onboard new clients. Manage relationships with our customers' in-house operations teams and lead operational interactions and cadence with client management.
- Provide direction and vision to improve the SOC's effectiveness, including motivating people to perform, listening to the team, providing feedback, recognizing strengths, identifying automation opportunities, reducing alert fatigue and providing adequate challenges to staff to maintain an innovative growth culture.
- Lead and manage the Security Operations Center (SOC) team, providing direction, guidance, and support to ensure the team's effectiveness and productivity.
- Oversee the day-to-day operations of the SOC team, ensuring effective response to security incidents and alerts.
- Oversee the management of our existing Managed Security Operations' managed SIEM and EDR solutions, ensuring their optimal performance and effectiveness in detecting and responding to security incidents.
- Lead the management and enhancement of MDR and Managed SIEM services, preferably with expertise in IBM QRadar.
- Collaborate with the SOC analysts and engineering team to define and implement SIEM rules, alerts, and correlation logic to improve the accuracy and efficiency of threat detection.
- Provide guidance and support to the SOC team in the ingestion and analysis of logs from various systems and applications into the SIEM platform.
- Develop and implement SOC strategies, policies, and procedures to enhance the organization's security posture and incident response capabilities.
- Oversee the monitoring and analysis of security events and incidents, ensuring timely detection, investigation, and response to potential threats or vulnerabilities.
- Collaborate with cross-functional teams, such as IT, Legal, and Risk Management, to ensure alignment and effective communication regarding security incidents and mitigation strategies.
- Drive the continuous improvement of SOC processes and procedures to enhance efficiency and effectiveness.
- Take a proactive role in utilizing Threat Intelligence and Threat Hunting activities, ensuring the SOC stays ahead of potential security threats.
- Establish and maintain relationships with external partners, vendors, and industry peers to stay updated on emerging threats, best practices, and industry trends.
- Conduct regular assessments and audits of SOC processes, systems, and controls to identify areas for improvement and ensure compliance with regulatory requirements.
- Develop and deliver comprehensive reports and metrics on SOC performance, including incident trends, response times, and effectiveness.
- Stay abreast of the evolving cybersecurity landscape, emerging threats, and industry standards, providing recommendations for proactive security measures and continuous improvement of the SOC.
- Work as a liaison between the SOC Team, other departments, and upper management.
Who you are:
- Bachelor's or college degree in computer science, computer engineering or another relevant field.
- 12+ years of Information Security/Cybersecurity experience.
- 5 years in a leadership role in a SOC environment, with working knowledge of all managed controls and services.
- Proven expertise in MDR and Managed SIEM, with a strong preference for experience with IBM QRadar.
- In-depth knowledge of security operations, incident response methodologies, and security technologies (SIEM, IDS/IPS, EDR, etc.).
- Strong networking concepts, including an in-depth understanding of TCP/IP protocols, firewall configuration, network segmentation, VPNs, etc.
- Strong understanding of Threat Intelligence, Threat Hunting, Vulnerability Management, and risk assessment frameworks.
- Experience in creating and refining SIEM rules, alerts, and correlation logic.
- Experience working in a fast-paced, dynamic environment, with the ability to prioritize and manage multiple security incidents simultaneously.
- Exceptional problem-solving and decision-making abilities, with a proactive and results-driven mindset.
- Demonstrated ability in enhancing SOC processes and implementing best practices in security operations.
- Knowledge and hands-on experience of implementing and managing IDS/IPS, firewalls, VPNs, and other security products.
- Experience with Security Information and Event Management (SIEM) tools, including creating advanced correlation rules, SIEM administration, system hardening, and vulnerability assessment.
- Expertise in TCP/IP network traffic and event log analysis.
- Good understanding of information security policies, standards, and industry best practice.
- Ability to solve complex problems independently by getting to the core and clearly communicating scenarios, impacts and recommendations to the decision-makers.
- Effective communication and presentation skills. Fluent in English, written and orally.
- Experience in SOC process automation and orchestration.
- Personnel and resource management experience.
- Strong background and expertise in various security technologies, including endpoint security, perimeter security, advanced threat protection, security monitoring and security management.
- Strong service design and delivery capabilities leveraging a large-scale security operations center, including process, people and technologies.
- Remain vigilant while continuing to maintain and enhance the overall security of ECI and the clients receiving our services.
- Maintain awareness of potential risks based on the environment you are operating in and the clients you are working with.
- Certifications: CISSP, PMP, ITIL or equivalent.
Bonus points if you have:
- Excellent leadership and team management skills, with the ability to inspire and guide teams in high-pressure situations.
- Exceptional communication skills, capable of articulating complex security issues to senior leadership and non-technical stakeholders.
- Strong verbal and written English communication.
- Strong interpersonal and presentation skills.
- Ability to work with minimal supervision.
ECI’s culture is all about connection – connection with our clients, our technology and most importantly with each other. In addition to working with an amazing team around the world, ECI also offers a competitive compensation package and so much more! If you believe you would be a great fit and are ready for your best job ever, we would like to hear from you!
Love Your Job, Share Your Technology Passion, Create Your Future Here!