SOC Advisory Lead Consultant

Position - SOC Advisory Lead Consultant

Minimum years of Work Experience -

• Overall 12+ years’ experience working in a large-scale IT environment focusing on Information Security/Cyber Security.
• Minimum eight years experience in Information and Cyber Security.
• Minimum three years experience in managing a SOC team.
• Minimum six years experience with SOC related technologies (SIEM, SOAR, EDR…)
• Experience in managing teams of SMEs and consultants

Skills/Certifications

• Understanding of SOC-CMM, CREST, MITRE and similar standards and frameworks related to SOC operations assessments
• Experience in working in senior/manager SOC roles (SOC manager or Lead)
• CISSP, CISM, CISA, GIAC SOC and Cybersecurity vendor related certificates
• PMP/Agile PM
• ISO27001 Lead Implementor/Auditor
• Cloud security related certification (Azure/AWS)
• OT security experience is a plus

Job Purpose:-

To guide and advise customers on building SOC related services from scratch or assist in improving existing services. To assess the maturity and capability of Security Operations services in scope and propose improvements. Closely working with other SOC teams, and assisting them in achieving their goals. To work closely with the rest of the Advisory team and exchange knowledge and experience.

Key Responsibilities:-

• Deliver high-level strategy and executive advisory services.
• Lead client engagements in security advisory at the highest strategic level.
• Establish and align business principles and objectives to the long-term security operational vision by applying tactical guidance for various information security operating models.
• Perform SOC maturity assessments and build precise roadmaps based on the goals and objectives of the organization.
• Leading and performing assessments in regards to various technology / compliance standards (SOC-CMM, NIST, CREST, MITRE)
• Provide clients with guidance during the Initial Operating Capability (IOC) through full operational capability (FOC) covering key aspects of SOC domains such as business, process, governance, technology, people, and services.
• Create and build on the concept of operations (ConOps) in the pre-work stages that strategically prepares the client for successful implementation of security technology and operations.
• Assist clients with recommendations in different advisory stages, such as creating security operations strategy (SOC Charter), developing training programs, assisting with use case framework implementation, developing standard operating procedures, and applying service/integrated frameworks.
• Possess the ability to identify the client's problems and use common consulting management skills such as facilitation, gap analysis, interviewing, and engaging in multiple workshops with key stakeholders.
• Collaborate with clients to define services and build technology strategies as part of the build, plan, and design phases of security operations.
• Perform as a subject matter expert (SME) in strategy conversations with c-level panels to provide exceptional IT/OT/Cloud/Physical security, compliance, regulations, and industry best practices that promote the overall mission and vision of the organization.
• Maintain a good understanding of security trends and methods for pinpointing cyber and physical security solutions that fit the client's business, financial, and technological objectives.
• Identify, build, and create cyber solutions to address security issues, perform security operations content reviews, draw conclusions, and develop strategic guidance.
• Assess and develop the current security operation effectiveness by reviewing operating procedures, workflows, policies, frameworks, and operational reporting.
• Consistently contribute towards industry-specific offerings/professional security forums/internal departmental blogs/publications/develop thought leadership.
• Contribute to the proposal process for SOC Advisory services while collaborating with other internal group members to solidify the sales pitch approach.