SOC Manager

at  UNION BANCAIRE PRIVE UBP SA

Office
Geneva
Start Date
01.10.2024
Working hours
100%
Type of Contract
Permanent
Description
The COO division encompasses several departments supporting the client-facing teams, with a global presence covering a multitude of activities and client services including Operations, Finance & Tax, Information Technology, Credit, Human Resources, Security & Data Governance, Programme Management and General Services. It strives to provide both in-house departments and external providers with a first-rate service to ensure our business operates efficiently.
Mission
SOC Manager, will oversee the operations of our Security Operations Center (SOC), ensuring the organization’s information systems are continuously monitored, defended, and resilient against current and emerging cyber threats. Your role is pivotal.
Main responsibilities
In this role, you will lead a team of security analysts and specialists, coordinating and managing daily SOC activities, including threat monitoring, incident detection, response, and remediation. You will develop and implement SOC processes, procedures, and protocols to enhance operational effectiveness and efficiency.
You will also be responsible for the development and maintenance of incident response plans, ensuring that the SOC is equipped with the necessary tools and technologies to detect and respond to threats effectively. Additionally, you will conduct regular threat assessments, vulnerability analyses, and simulations to test and improve the organization’s security posture.
Collaboration is key in this role. You will work closely with other IT and security teams, providing guidance and support in implementing security measures and responding to incidents. You will also liaise with external partners and stakeholders, ensuring a coordinated and comprehensive approach to detection and responses activities.
To be successful in this position, you will need extensive hands-on experience in security operations, a strong technical background in cybersecurity, and excellent leadership skills. You should demonstrate a proactive, strategic, and collaborative approach, working effectively with colleagues and stakeholders at all levels to safeguard the organization’s information assets.

Core Duties and Responsibilities

• Manage daily operations of the Security Operations Center (SOC), ensuring continuous monitoring, detection, and response to security incidents.
• Lead and coordinate response efforts during security incidents, including triage, analysis, containment, eradication, and recovery.
• Incorporate global threat intelligence into SOC processes to enhance detection and response capabilities.
• Develop and implement strategies to enhance the SOC’s effectiveness, including process improvements, tool optimization, and staff training.
• Ensure effective use of SIEM and other monitoring tools to detect suspicious activities and potential threats.
• Lead, mentor, and develop a team of security analysts, fostering a collaborative and high-performance environment.
• Develop and maintain metrics and reports to track SOC performance and incident trends.
• Communicate effectively with stakeholders across the organization, providing regular updates on security incidents, threat landscape, and SOC activities.
• Develop and maintain SOC policies, procedures, and playbooks to ensure consistent and effective incident response.
• Manage relationships with security vendors and service providers used by the SOC, ensuring effective use of external resources and technologies.
• Ensure SOC operations comply with relevant regulatory requirements and support internal and external audits.

Personal skills

Specific Competencies:

• BS/BE degree in Information Security, Computer Science, Information Technology, or a related field.
• A Master’s degree in Cybersecurity or a related field is a plus.
• 5+ years of experience in security operations, threats monitoring and detection, incident response, or a related field, with at least 2 years in a leadership role.
• Relevant security certifications such as GIAC, CISSP, CISM or similar are highly desirable.
• In-depth knowledge of incident response processes, including triage, analysis, containment, eradication, and recovery.
• Proficiency with SIEM platforms and other security monitoring tools, including rule creation, fine-tuning, and alert management.
• Solid understanding of operating systems (Windows, Linux), scripting languages (Python, PowerShell), and forensic tools.
• Strong understanding of threat intelligence sources and their application to enhance SOC capabilities.
• Comprehensive knowledge of network protocols, firewall management, IDS/IPS, endpoint security, and related technologies.
• In-depth understanding of the Cyber Kill Chain model and its application in tracking and disrupting the stages of an attack, from reconnaissance through to exfiltration and beyond.
• Proficiency in leveraging framework like MITRE ATT&CK to identify and categorize adversary tactics, techniques, and procedures (TTPs), and to develop and refine detection strategies and response plans.
• Experience with adversary simulation and red teaming exercises to test and improve SOC detection and response capabilities. Other Skills/Abilities :
• Strong leadership skills with the ability to mentor and develop team members.
• Excellent analytical and problem-solving skills to effectively address complex security challenges.
• Ability to work collaboratively with cross-functional teams, fostering a cooperative and productive environment.
• Meticulous attention to detail to ensure accurate and thorough incident documentation and analysis.
• Commitment to continuous learning and staying updated with the latest security trends and technologies.
• Fluency in English.
• High level of discretion and integrity in handling sensitive security information.Education
• Education: Bachelor Degree
• Technical skills: Highly technical profileExperience
• Years of experience: 7-10 : senior
• Experience in private banking: PreferredLanguage
• French: Fluent
• English: FluentOTHER
• Swiss resident: Optional

• Manage daily operations of the Security Operations Center (SOC), ensuring continuous monitoring, detection, and response to security incidents.
• Lead and coordinate response efforts during security incidents, including triage, analysis, containment, eradication, and recovery.
• Incorporate global threat intelligence into SOC processes to enhance detection and response capabilities.
• Develop and implement strategies to enhance the SOC’s effectiveness, including process improvements, tool optimization, and staff training.
• Ensure effective use of SIEM and other monitoring tools to detect suspicious activities and potential threats.
• Lead, mentor, and develop a team of security analysts, fostering a collaborative and high-performance environment.
• Develop and maintain metrics and reports to track SOC performance and incident trends.
• Communicate effectively with stakeholders across the organization, providing regular updates on security incidents, threat landscape, and SOC activities.
• Develop and maintain SOC policies, procedures, and playbooks to ensure consistent and effective incident response.
• Manage relationships with security vendors and service providers used by the SOC, ensuring effective use of external resources and technologies.
• Ensure SOC operations comply with relevant regulatory requirements and support internal and external audits