SOC Lead (Remote or Onsite)
Additional Information
Crane Co. is looking for outstanding information security professionals to join the Crane Co. Global Information Security Team! Do you possess a strong security operations center background and want to lead others while working on interesting problems and helping to advance incident response capabilities? Have you always wanted to make a real impact on effective delivery of security operations at scale? We have an exciting opportunity helping to lead our blue-team operations using proven and emerging solutions in a comprehensive portfolio for our next-generation security operations center.
Are you passionate about leading incidents and performing threat hunting, and do you have a clear vision for next-gen SOCs and SOAR? Do you enjoy digging deep to find the threats everything else missed? This role will provide opportunities to advance our global security operations and incident response program by applying cool and interesting security technologies, processes and techniques to support SOC and IR for a global organization. This position will provide exposure to best-of-breed security solutions in a challenging and rewarding enterprise setting. You'll lead other responders and analysts as part of our tight-knit security team and be the escalation path within the global SOC for truly interesting attacks.
As the ideal candidate, you will have solid proficiency in security incident and event management solutions, using modern IR approaches and tools, and have a proven track record implementing and honing a myriad of detective and preventive controls and processes in an enterprise setting. You must have a desire to lead others while furthering your own development, contributing to continuous improvement initiatives, and have a genuine passion for infosec! Previous security operations center experience, threat hunting prowess, and endless curiosity required.
Core Function: This role will be responsible for performing and leading investigations and helping to implement and develop solutions supporting the incident response function. You must be experienced and excited about leading the daily work of security analysts in triaging incoming alerts, and adept at prioritizing response and effective remediation of threats. In this capacity, you will be helping to define and implement processes and standard work for the global security operations function, including playbook development, building threat-intelligence-informed detections, and performing detailed investigations. This is a very hands-on position: doing threat hunting, utilizing an advanced security stack for daily work, and ensuring team SLAs and performance are met and delivered. Previous senior-level security operations center and supervisory experience with threat hunting competency is a must.
You will assist in development and ongoing use of SIEM and SOAR technologies and processes supporting the global information security function. You will customize, develop, and implement the automation of security playbooks using APIs, various scripting methods and programming languages, and provide analytical techniques to build and support interfaces to and from various supporting technologies, tools, and IT systems. The ideal candidate must have solid proficiency in security incident management and have a proven track record implementing automation to gain efficiencies, reduce errors, and increase capacity of an enterprise incident response program. You must have a strong desire to mature blue team tradecraft, to lead and mentor others, and to further your own development along the way. The successful candidate will work collaboratively with Global Infosec Management, our Global SOC and other security team functions to ensure our overall cyber-incident preparedness and effectiveness.
You will be expected to communicate effectively at all levels of the organization, be extremely detail-oriented, and be focused on delivery to program goals and expectations. You must enjoy contributing to continuous improvement initiatives and have a genuine passion for infosec! This is an exciting opportunity to grow and make a positive impact on a global program alongside other passionate infosec professionals. If you know you have what it takes to deliver on this and have a desire to lead a team of professionals along the way, this is the position you've always wanted.
Responsibilities and Duties:
Ensure the timely identification, response, investigation, and remediation of all security events and incidents.
Lead daily work of security operations center team members and provide support to teams in other geographies and time zones as required.
Develop standard work and processes, build playbooks, and implement analysis logic supporting automation efforts using various techniques including scripting and coding within platforms, APIs and related technologies.
Enrich and implement additional detective capabilities to enhance or improve incident identification and response