Job Description: 

Within the Security Operations Center, the Security Operations Center Manager oversees the activity of the SOC team, including hiring, training, and assessing staff. Additional responsibilities include creating processes, assessing incident reports, and developing and implementing crisis communication plans. They create compliance reports, support the audit process, measure SOC performance metrics, and report on security operations.

• Hire, manage, and train a team of Security Analysts responsible for monitoring security systems for potential cybersecurity incidents
• Manage global 24x7 detection, analysis, and triage operations
• Ensure development of standard operating procedures and operations
• Validate that Security Analysts follow established procedures and follow up on anomalous activity when identified
• Identify monitoring and detection gaps and work with the SOC Detections Analyst team to expand log collection, detection, and analytic capabilities to address them
• Adjust operations procedures and capabilities as necessary based on active collection and analysis of relevant metrics
• Develop a metrics program to measure the effectiveness of processes and identify ways to improve them
• Build strong relationships with operations teams to facilitate rapid response actions
• Establish practices to maximize quality staff retention and growth
• Work closely with compliance teams to provide required evidence for various applicable controls
• Oversee and set the SOC Analyst team’s training program
• Organize and prioritize various SOC functions based on business requirements

• Reports to the Chief Information Security Officer

• Position to be filled in Torino, Italy

(P) = Preferred, (R) = Required
• 8 to 10 years of relevant work experience desired (R)
• Security Operations Center management experience (R)
• Degree in Computer Science or related technical degree (R)
• Ability to explain complex security issues to Analysts, Architects, and Executives (R)
• Possess solid critical thinking, analytical and problem-solving skills (R)
• Strong verbal and written communication skills, a sense of diplomacy, and decision-making skills to handle the often fast-paced role of an incident handler (R)
• Ability to maintain a steady sense of calm during tense situations (P)
• Technical:
• Strong understanding of security monitoring, detection, and analysis methodologies and technologies including NIDS, HIDS, WAF, FIM, network firewall, and SIEM (R)
• Recognized industry certification and/or continuing education programs are a major plus including CISSP, OSCP, GCIH, GCIA, SSCP, GMON (P)
• Working knowledge of networking and of secured communications (R)
• Cloud technology (SaaS, IaaS, PaaS) and associated digital forensics and incident response techniques (P)
• Cyber/operation security, network security and application security monitoring experience (P)
• MS Office Products (R)
• Fluency in English (oral and written) (R)