Regional SOC Leader – Canada Security Services

Job Description
Cybersecurity is one of the most critical issues of our generation. No other company has the powerful combination of talent, industry-leading security technology, global reach and cognitive capabilities, powered by Watson, to combat the cybersecurity threats.

Within IBM's North America Security Service practice, we are constantly seeking security skills that can further enhance the depth and expertise needed by the marketplace.

We have exciting opportunities in IBM Canada Security Services business unit.

We are looking for an experienced security professional to lead the Canada Security Operations Center (SOC) team consisting of First line manager/s, Technical Security Analysts and the SOC Infrastructure team. This role will be responsible to provide leadership in managing the client obligations on all current Key accounts and driving positive financial performance where necessary. In addition this role will work closely with the broader NA team in executing the business strategy to expand the current SOC into a true Regional SOC with 24x7 threat monitoring (L1 & L2) capabilities to cater to local Canadian client requirements and demands while still adhering to Global IBM standards.

This individual will have experience in managing a state of the art 24x7 SOC, people management skills and demonstrated ability in hiring talent and building a team of high performing professionals. Candidate should also exhibit thought leadership, sales leadership and delivery leadership in one or more of the core security domains: Managing SOC Process / Technology / People, Managed SIEM, Managed Firewalls / UTM, Managed Endpoint Security, Incident Management, Security Strategy Risk and Compliance.

The Regional SOC Leader provides leadership & direction to the team in regards to the following:

Delivery (People, Process, Technology), Financial Mgmt

  • Lead a highly technical team in delivery efforts related to client obligations on existing steady state accounts. Team deliverables include deployment and integration activities, device management, event analysis, service-level reporting, risk and contingency planning. Support-related responsibilities include Day to day monitoring, trouble shooting, patch management, access management, health and availability management of Security Operations Infrastructure (Firewalls, IDPS, and SIEM etc.)
  • Drive improvement in GP where required
  • Help organize steady state management approaches and teams for client delivery
  • Act as the escalation point on client sat issues as they arise
  • Establish strong client relationships in key accounts to help progress the Security Services portfolio
  • Execute business strategy to expand the SOC to a true 24 x 7 operation.
  • Develop and administer SOC processes and review their application to ensure that SOC's controls, policies, and procedures are operating effectively relative to the predicted effectiveness of the controls
  • Provide management oversight for the identification, triage and response of events or incidents of apparent security breaches
  • Produce and review aggregated metrics of operation of SOC performance, efficiency, capacity, security controls, as well as apparent attacks, breaches, and other pertinent data before and publish for executive management review
  • Confer and collaborate with internal departments that provide SOC services to ensure that appropriate process and procedures and tools are installed, operating properly, and being monitored and reported
  • Manage external vendor relationships, hold regular performance reviews to maintain high levels of vendor performance
  • Improve the operational systems, processes and policies in support of organizations mission
    specifically, support better management reporting, information flow and management, business process and organizational planning
  • Manage and increase the effectiveness and efficiency of the SOC, through improvements to each function as well as coordination and communication between support and business functions
  • Play a significant role in long-term SOC strategy and planning, including initiatives geared toward operational excellence
  • Oversee overall SOC financial management, planning, systems and controls.
Marketing and Sales
  • Work with solutions and sales teams to provide content to drive deals
  • Work closely with the solution design teams in developing client presentations and Statement of Works (SOWs) where SOC representation is needed.
  • Become a recognized leader in the Security Operations Centre space and help drive signings where required

People Management
  • Perform all IBM People Management responsibility of a diverse team including Checkpoint goals, performance discussions, career growth / advise, compensation, GDP, promotions etc
  • Develop and maintain personnel training plans
  • Help establish capability and skills models for the SOC team
  • Manage shift rotations to accommodate 24 x 7 threat monitoring capability.
  • Foster collaboration with teams such as sales, Consulting & Systems Integration (C&SI), solution design, portfolio management (PMO, PE/DPE, Contract Mgmt), broader Global MSS teams and the NA Security Services practice


Required Technical and Professional Expertise

  • English Fluent (Verbal and Written)
  • Must have Canadian Citizenship or Permanent Resident Card
  • At least 10 years of experience in Cyber Security
  • At least 5 years relevant management expertise in Managed Security Services - Managed SIEM, IDS/IPS, Managed Firewall / UTM etc
  • Knowledge of security technology and solutions - One or more of the following - Fortinet, Checkpoint , Cisco , Juniper , Tripwire, Symantec , F5 & PaloAlto.
  • Track record of strong leadership
  • Excellent people management skills, managing a diverse team of security professionals
  • Proven experience in building high performing teams.
  • Good technical and trouble-shooting ability
  • Ability to work in a high stress environment
  • Ability to interact with staff, peers and customers on a technical and professional level.
  • A thorough understanding of customer service related performance metrics
  • Experience in crisis management


Preferred Tech and Prof Experience

  • At least 15 years of experience in Cyber Security
  • At least 8 years expertise in Managed Security Services.
  • At least 5 years experience managing various security technologies such as Firewalls, UTMs, IDS/IPS, Vulnerability Management Systems (VMS), WAF, Endpoint protection, 2FA, PGP
  • Proven proficiency in Managing ( Device and Policy Mgmt ) of F/W , IDS / IPS , eMail Security, EPP, DLP & SIEM Solutions.
  • At least 5 years Managed Security Services in industry leading Security solutions such as Fortinet, Checkpoint , Cisco , Juniper , Tripwire, Symantec , F5 & PaloAlto.
  • Industry recognized security certifications This can include security methodology (Eg. CISSP, CISA, ITIL, etc.) or vendor specific (product) certifications (Eg. CCSP, JNCIS-FWV, etc.).
  • Client facing experience supporting large scale security solutions.
  • Canada Level 2 Secret Security Clearance
  • Bi-Lingual - English & FrenchSecurity Certification - One of the following - CISM, CRISC, CISSP


EO Statement
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.


Back to top