Manager, Security Compliance

Manage SOC analysts, performing deep-dive incident analysis and data correlation using the Sumo Logic Platform. Guide analysts through triage and remediation, assess impact on critical systems, and address vulnerabilities. Support threat detection through machine learning and facilitate cross-functional collaboration. Mentor and train SOC analysts, assist engineering with compliance and security requirements, and continuously improve the organization's security posture, including policy, process, and engineering changes.

Must Have

• Manage SOC analysts and guide them through incident analysis, triage, and remediation.
• Assess impact on critical systems and address vulnerabilities.
• Support threat detection and facilitate cross-functional collaboration.
• Mentor and train SOC analysts to handle evolving threats.
• Continuously improve security posture, policies, processes, and engineering.
• 8+ years of security experience, including 2+ years in AWS Security and 2+ years in leadership.
• Well-versed in major compliance frameworks like PCI and SOC.
• In-depth knowledge of AWS services, endpoint security, threat intelligence, forensics, and malware reverse engineering.
• Advanced skills in log parsing, incident investigation, and response.
• Extensive experience with advanced Threat Modeling (OWASP, STRIDE, PASTA, Trike).
• Thorough knowledge of Incident Response procedures.

Good to Have

• AWS Certified Security - Speciality
• CISSP or CISM or CCSP certification
• CEH or OSCP certification

What will your typical day be?

• You will manage SOC analysts, performing deep-dive incident analysis and data correlation using the Sumo Logic Platform, and guide analysts through triage and remediation.
• You will assess impact on critical systems, address vulnerabilities, support threat detection through machine learning, and facilitate cross-functional collaboration.
• Your role includes mentoring SOC analysts, training to enhance your skills, assisting engineering with compliance and security requirements, and developing your team to handle evolving threats.

Additionally, you will continuously improve the organization's security posture, including policy, process, and engineering changes.

Required Qualifications and Skills

• Bachelor’s degree in computer science or equivalent industry experience
• Must have 8+ years of overall security experience, including a minimum of 2 years in AWS Security, and at least 2 years of leadership experience.
• Must be a proactive self-starter.
• Have a passion for identifying the root cause of technical problems and issues.
• Must be well-versed in major compliance frameworks and certifications such as PCI and SOC, along with typical compliance requirements.
• Possess the creativity and experience to anticipate alternative vulnerability vectors and mitigate exposure.
• Have in-depth knowledge of AWS services, endpoint security, threat intelligence, forensics, and malware reverse engineering.
• Can quickly grasp the functionality of applications and the underlying cloud infrastructure to act as an incident hunter.
• Possess advanced skills in log parsing, incident investigation, and response.
• Have a solid understanding of emerging security threats and mitigation strategies.
• Have extensive experience with advanced Threat Modeling (OWASP, STRIDE, PASTA, Trike).
• Must be enthusiastic about collaborating with and mentoring the team.
• Have thorough knowledge of Incident Response procedures.

Desired Qualifications and Skills

• AWS Certified Security - Speciality
• CISSP or CISM or CCSP
• CEH or OSCP