SOC/CIRT Team Lead- 2nd Shift
The Security Operations & Incident Response Team's mission is to preserve the confidentiality, integrity, and availability of our assets by identifying operational and security risks; and collaborating with business, functional, and customer stakeholders to develop plans that manage risk to acceptable levels. We are currently seeking a SOC/CIRT Team Leader- 2nd Shift to join our team.
- Oversee tier 1-3 analysts daily tasking.
- Ensure effective supervision of the incident management lifecycle
- Identify chronic operational and security issues, and ensure they are managed appropriately.
- Manage and escalate roadblocks that may jeopardize security monitoring operations, infrastructure, and SLAs.
- Serve as a mentor to SOC/CIRT staff.
- Interface and collaborate with teams both internally and externally.
- Document, develop, and track analyst training requirements.
- Manage the process improvement lifecycle for SOC/CIRT processes.
- Play a significant role in long-term SOC strategy and planning, including initiatives geared toward operational excellence
- Serve as focal technical lead on incident events and incidents.
- Must be technical, hands-on, and also capable of serving as the primary point of contact with management
- Lead the investigative process for network intrusions and other cyber security incidents to determine the cause and extent of the breach.
- Summarize events/incidents effectively to different constituencies such as legal counsel, executive management and technical staff, both in written and verbal forms.
- Managing the chain of custody for all evidence collected during incidents, security, and forensic investigations -
Bachelor's Degree in Information Security, Computer Science or equivalent; or 4 years comparable work/military experience a plus
- 5+ years of experience in security incident handling and forensics skills including knowledge of common probing and attack methods, network/service discovery, system assessment, viruses and other forms of malware.
- Experience mitigating and addressing threat vectors including Advanced Persistent Threat (APT), Distributed Denial of Service (DDoS), Phishing, Malicious Payloads, Malware, etc.
-Intermediate understanding of network technologies such as TCP/IP, IDS/IPS, firewalls, LAN/WAN, routing and switching.
-Intermediate knowledge of the following platforms in an enterprise environment - Microsoft Windows, Solaris, Linux.
-Knowledge of hacker methodologies and tactics, system vulnerabilities and key indicators of attacks, compromise, and exfiltration.
-Ability to understand and weigh business risks and communicate appropriate information security measures.
-Excellent problem diagnosis and analytical skills.
-Self-starter, able to work with minimal supervision and ability to learn new skills quickly with minimal guidance.
-Excellent communication skills in English, both written and verbal.
-Dedicated to achieving project schedules and milestones.
-Ability to work in a team environment with tight deadlines and multiple priorities while staying a team player.
-Strong personality, able to quickly build positive relationships within the own team and internal clients at remote sites.
-Ability to manage expectations for projects and programs in conjunction with the information security team.
- Experience managing a diverse, international staff preferable
- Have or the ability to acquire a US government clearance a plus
- Travel (including international) is possible. Evening and weekend hours expected during incidents
At Thomson Reuters, we believe what we do matters. We are passionate about our work, inspired by the impact it has on our business and our customers. As a team, we believe in winning as one - collaborating to reach shared goals, and developing through challenging and meaningful experiences. With more than 45,000 employees in more than 100 countries, we work flexibly across boundaries and realize innovations that help shape industries around the world. Making this happen is a dynamic, evolving process, and we count on each employee to be a catalyst in driving our performance - and their own.
As a global business, we rely on diversity of culture and thought to deliver on our goals. To ensure we can do that, we seek talented, qualified employees in all our operations around the world regardless of race, color, sex/gender, including pregnancy, gender identity and expression, national origin, religion, sexual orientation, disability, age, marital status, citizen status, veteran status, or any other protected classification under country or local law. Thomson Reuters is proud to be an Equal Employment Opportunity/Affirmative Action Employer providing a drug-free workplace.
Intrigued by a challenge as large and fascinating as the world itself? Come join us.
To learn more about what we offer, please visit thomsonreuters.com/careers .
More information about Thomson Reuters can be found on thomsonreuters.com.
Eagan-Minnesota-United States of America;Richmond-Virginia-United States of America
Meet Some of Thomson Reuters's Employees
Software Engineer, Centre of Cognitive Computing
Lisa works with other engineers to develop products that are powered by artificial intelligence and capable of machine learning. She also conducts research to identify new uses for existing company data.
Back to top