Manager: Cybersecurity Operations Center
Company: Ottawa Area Intermediate School District
Location: Holland, MI 49423
Description:
Position Type: Technology
Date Posted: 1/14/2025
Location: Interim Central Office
Date Available: ASAP
Closing Date: 01/24/2025
Cybersecurity Operations Center Manager
Job Summary:
The Cybersecurity Operations Center (CSOC) Manager is responsible for the day-to-day operations and management of the organization's cybersecurity monitoring and response functions. This role oversees a team of security analysts, ensuring the proactive identification, investigation, and mitigation of cyber threats. The CSOC Manager plays a critical role in protecting the organization's valuable assets, including student & staff data, systems, and infrastructure.
Schedule: Full-time, year-round, first shift.
This position is grant funded with funding secured through at least 9/30/2027.
Compensation: $95,000 - $105,000
Responsibilities:
- Lead and Manage the CSOC Team:
  - Hire, train, manage, and mentor a high-performing team of security analysts.
  - Foster a collaborative and supportive team environment.
  - Define clear roles, responsibilities, and performance expectations.
  - Conduct regular performance reviews and provide constructive feedback.
- Oversee CSOC Operations:
  - Monitor and analyze security alerts and events from various sources (e.g., SIEM, IDS/IPS, firewalls, endpoint detection and response).
  - Investigate security incidents, determine root cause, and implement appropriate response actions.
  - Develop and maintain standard operating procedures (SOPs) for incident response and security monitoring.
  - Ensure compliance with relevant security standards and regulations (e.g., CIS Critical Security Controls, NIST, etc.).
- Threat Intelligence and Hunting:
  - Stay abreast of the latest cybersecurity threats and vulnerabilities.
  - Conduct threat-hunting activities to proactively identify and mitigate potential attacks.
  - Leverage threat intelligence feeds to enhance security monitoring and response capabilities.
  - Share threat intelligence with other school districts in the region and the state.
- Security Tooling and Technology:
  - Evaluate, select, and implement security technologies (e.g., SIEM, EDR/XDR/MDR, etc.) to enhance the CSOC's capabilities.
  - Maintain and optimize security tools and technologies.
  - Integrate security tools and technologies to improve overall security posture.
- Incident Response and Communication:
  - Lead the incident response process, including communication with stakeholders and coordination with other teams (e.g., IT, legal, HR).
  - Complete Cybersecurity Incident Reports for school district leadership.
  - Develop and maintain incident response plans and playbooks.
  - Conduct tabletop exercises and simulations to test and improve incident response capabilities.
- Reporting and Metrics:
  - Generate regular reports on security metrics, including threat activity, incident response times, and the effectiveness of security controls.
  - Analyze security data to identify trends and make data-driven decisions.
  - Present security metrics and findings to senior management.
- Continuous Improvement:
  - Continuously evaluate and improve the effectiveness of the CSOC's processes and procedures.
  - Identify and implement process improvements to enhance efficiency and effectiveness.
  - Stay current on industry best practices and emerging security threats.
Qualifications:
- Bachelor's degree in Computer Science, Cybersecurity, or a related field.
- Strong ethical principles and a commitment to protecting sensitive information.
- 5+ years of experience in cybersecurity, with at least 3 years of experience in a CSOC environment.
- Proven experience managing and leading a team of security professionals.
- Proactive mindset, strong analytical skills, and the ability to work collaboratively within a dynamic team environment.
- Strong understanding of cybersecurity concepts, including threat intelligence, incident response, vulnerability management, and threat hunting.
- Experience with security tools and technologies, such as SIEM, EDR/XDR/MDR, IDS/IPS, and firewalls.
- Strong customer service & teamwork skills.
- Excellent analytical, problem-solving, and decision-making skills.
- Strong communication and interpersonal skills, with the ability to effectively communicate technical information to both technical and non-technical audiences.
- Ability to work independently and as part of a team.
- Strong work ethic and a passion for cybersecurity.
- Relevant industry certifications (e.g., CISM, CISSP, CISA, CySA+, CASP+) are preferred.
Preferred Skills:
- Experience in the education sector or with K-12 IT environments.
- Knowledge of cloud security and cloud-based applications.
- Familiarity with data privacy regulations specific to education.
- Extensive experience with EDR/XDR/MDR platforms.