SOC Architect ||| Visa: GC USC ||| Location Details:Remote in State: at Remote, Remote, USA |
Email: sandeep.s@winorbittech.com |
From: Sandeep, WinOrbit sandeep.s@winorbittech.com
Reply to: sandeep.s@winorbittech.com
Title: SOC Architect
Visa: GC, USC
Why that status / advantages: Exclusive
Location: Remote, but in an approved state. Prefers East Coast.
Location Details: Remote in State: Alabama, Delaware, Florida, Georgia, Indiana, Kansas, Louisiana, Maine, Maryland, Minnesota, Nebraska, New Hampshire, North Carolina, North Dakota, Ohio, Oklahoma, Pennsylvania, South Carolina, South Dakota, Tennessee, Texas, Utah, Virginia, Washington (State), West Virginia, Wisconsin, Wyoming
Team: SOC
Team Size: will be 10
Start: ASAP
Screen on: Does NOT want people who have been an architect for a product company. No solution architects, no sales architects.

Job Title: Security Operations Center (SOC) Architect
Need a SOC architect who can focus on workflow and automation.
Need Python and strong scripting skills.
Exabeam is a strong, strong plus.
Looking for someone who has engineering/architecture experience in a large SOC environment.
Need SIEM experience in a large SOC environment.

Questions to Ask/Include in Submittal:
Do you have SOC experience? How many years? Which companies? What was your involvement in the SOC?
Experience working for a large company (10,000+ employees)?
Experience with multiple SIEMs (Exabeam and/or Expel)?
Have you developed and implemented runbooks?
What security products have you architected?
Do you have experience with SOAR and email security?
Do you have experience automating processes within a SOC?
Can you build rules in Exabeam?
Can you write Python scripts to do SOAR automation?

Job Summary:
We are seeking an experienced Security Operations Center (SOC) Architect to join our large healthcare organization. As a SOC Architect, you will play a vital role in designing, implementing, and maintaining an efficient and effective security operations infrastructure to protect our organization's sensitive data and assets. Your expertise will be crucial in developing and executing strategic security initiatives, building robust incident response processes, and ensuring continuous improvement of our security operations capabilities.

Responsibilities:
SOC Infrastructure Design: Design and architect the organization's Security Operations Center infrastructure, including network architecture, security tools, technologies, and processes, to enable effective security monitoring, detection, and incident response.
Incident Response Planning: Develop and implement incident response plans, including defining roles and responsibilities, escalation procedures, and communication protocols, to ensure timely and effective response to security incidents and minimize their impact.
Threat Intelligence Integration: Collaborate with the threat intelligence team to integrate threat intelligence feeds, tools, and platforms into the SOC infrastructure, enhancing the organization's ability to proactively detect and respond to emerging threats.
Security Monitoring and Analysis: Define and implement comprehensive monitoring and analysis strategies, leveraging security information and event management (SIEM) solutions, intrusion detection systems (IDS), and other relevant tools, to identify security incidents, conduct investigations, and provide real-time threat intelligence.
Security Incident Response: Lead the incident response team in investigating security incidents, coordinating with relevant stakeholders, and ensuring appropriate actions are taken to contain, eradicate, and recover from incidents. Develop and maintain incident response playbooks and conduct regular incident response drills.
Vulnerability Management: Oversee vulnerability management processes, including vulnerability scanning, identification, prioritization, and remediation. Collaborate with the security operations team to ensure timely patching and mitigation of vulnerabilities.
Security Operations Enhancement: Continuously evaluate and enhance the efficiency and effectiveness of security operations processes and technologies, incorporating industry best practices and emerging trends. Identify and implement automation and orchestration opportunities to streamline SOC workflows.
Compliance and Governance: Collaborate with compliance and legal teams to ensure security operations adhere to relevant regulatory requirements, industry standards, and internal policies. Support audits and assessments as needed.
Security Awareness and Training: Collaborate with the security awareness team to develop and deliver security training programs for SOC staff and other relevant stakeholders to enhance security awareness and promote a culture of security within the organization.
Documentation and Reporting: Maintain accurate and up-to-date documentation of SOC infrastructure, processes, and procedures. Generate regular reports on security operations performance, incidents, and metrics for management and stakeholders.

Qualifications:
Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
Proven experience (X+ years) in designing and architecting Security Operations Center infrastructure and processes, preferably in a large-scale healthcare organization or a similarly regulated industry.
In-depth knowledge of security operations principles, methodologies, and best practices.
Strong understanding of network architecture, security technologies, and tools, including SIEM, IDS/IPS, vulnerability management, and threat intelligence platforms.
Expertise in incident response planning and execution, including experience in leading and coordinating incident response efforts.
Familiarity with regulatory requirements and industry standards such as HIPAA, HITECH, NIST, and the MITRE ATT&CK framework.
Strong analytical and problem-solving skills, with the ability to think strategically and provide innovative solutions.
Excellent communication and collaboration skills, with the ability to effectively interact with technical and non-technical stakeholders.
Relevant certifications such as CISSP, CISM, or GIAC certifications are highly desirable.

Join our team and contribute your expertise to protect sensitive data and ensure the security of our healthcare organization.
09:45 PM 21-Jan-25 |