NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360° platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real time. Our service packages, which are each tailored to a client’s needs and budget, and external threat analysis, which provides critical intelligence, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service.
We are looking for a proven, high-energy, results-oriented Cybersecurity Operations Leader to serve as a key advisor for our clients, analyzing business requirements to design and implement ideal security solutions for their needs. As an established SecOps Leader, you will work across operational, tactical, and strategic levels and take on the difficult problems that businesses face when building out and improving their security posture. This is an opportunity for you to showcase your strong communication skills and experience in SOC operations, security governance & advisory, security risk management, security architecture, and cyber incident response programs.
Job responsibilities:
Manage overall service delivery of Managed XDR, Attack Surface Reduction & Advisory services to our clients
Lead & manage overall SOC operations
Responsible for all escalations arising from security event monitoring, incident management and response
Ensure compliance with SLAs, process adherence, and process improvement to achieve operational excellence
Establish operational foundations, defining metrics and KPIs to drive governance, quality, and efficiency. Influence and improve existing processes through innovation and operational change.
Perform threat management, threat modeling & hunting, identify threat vectors and develop use cases/detection rules for security monitoring
Ensure the training needs of the team are adequately met
Assist clients in identifying potential threats, vulnerabilities, and deficiencies in their environments and aid them by bolstering their cybersecurity maturity and resilience
Evaluate client needs, coordinate designs for a solution, and clearly communicate the value proposition of complex and highly technical subjects
Plan and execute information technology security assessments of on-premise/cloud IT assets by understanding organization objectives, structure, policies, processes, internal controls, and external regulations; identify risk areas; prepare scope and objectives; prepare internal controls review programs
Possess strong written and verbal communication skills with the ability to interact with senior management/Board, technical teams, and key client stakeholders to convey complex technical security concepts to both technical and non-technical audiences
Support sales pursuits and proposals and assist in building practice eminence
Deliver complex projects in a fast-paced, team environment
Promote and participate in forums for sharing expertise, strengthening the firm’s collective knowledge, and helping resolve our clients’ challenges
Provide leadership to the enterprise's information security organization
Constantly update the cyber security strategy to leverage new technology and threat information
Establish strong client relationships to help progress the Services portfolio
Job specifications:
1. Qualification:
A bachelor's degree in a related field and a minimum of 10 years of related work experience
Certifications –
One or more security certifications: Certified Information Systems Security Professional (CISSP)/Certified Information Systems Auditor (CISA)
One or more cloud security certifications: Certification in Public Cloud Technology from one of the major Cloud Service Providers (e.g. AWS Certified Solutions Architect, Microsoft Azure Architect, Google Cloud Architect), or Certified Cloud Security Professional (CCSP)/Certificate of Cloud Security Knowledge (CCSK), etc.
2. Desired Skills:
Knowledge and Experience:
Good understanding of SOC operations, design, technology, and management; proficiency with domain administration, network architecture and design, and navigating change control procedures
Knowledge and working experience of IT risk management based on ISO 31000/ISO 27005, NIST Cybersecurity Framework, ISO 27001/27002, GDPR, PCI DSS, SOC 1/SOC 2, COBIT, HITRUST.
Good understanding of networking (TCP/IP, OSI model), operating system fundamentals (Windows, UNIX, mainframe), security technologies (firewalls, IDS/IPS, etc.) and application programming/scripting languages (C, Java, Perl, Shell).
In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
Knowledge of and familiarity with common security technologies such as MDR, EDR, XDR, SIEM, Vulnerability Management, IDS/IPS, NTA, UEBA, DLP, and other solutions
Knowledge of common pen test and application security tools, such as Kali Linux, Metasploit, Burp Suite, Wireshark, WebInspect, Network Mapper (Nmap), Nessus and others
Understanding of OWASP, the MITRE ATT&CK framework, Cyber Kill Chain and the software development lifecycle (SDLC)
Expertise in cloud security implementations
Experience in effective vendor/partner management
Experience in client management
Ability to research and develop new security risk-based offerings
Ability to lead and shape client expectations
Personal Attributes
Self-starter and quick learner requiring minimal ramp-up
Excellent analytical, written, oral, and interpersonal communication skills
Highly self-motivated, self-directed, and attentive to detail
Ability to effectively prioritize and execute tasks in a high-pressure environment
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Management and Manufacturing
Industries: Computer and Network Security