HOW YOU’LL MAKE AN IMPACT

As the SOC & CSIRT Manager you will play a critical role in safeguarding our organization's digital assets by managing the SOC and Incident Response process, promptly identifying, assessing, and responding to cyber security incidents. You will work closely with cross-functional teams to minimize the impact of security incidents and ensure the integrity and confidentiality of our data.

WHAT YOU’LL DO

• Stay informed about emerging cyber threats, vulnerabilities, and attack techniques.
• Monitor various security tools and systems for signs of suspicious activities and security events.
• Manage health and operations of the SIEM (Security Information and Event Management).
• Manage Security Operations Center (SOC) Managed Services Provider (MSP) and help create SIEM use cases and respond to alerts.
• Quickly assess the severity of security events and escalate as necessary.
• Develop and execute incident response (IR) plans to contain and mitigate security breaches.
• Contribute to the development and maintenance of IR playbooks and standard operating procedures.
• Participate in IR tabletop exercises and update plans as necessary.
• Coordinate with relevant teams to implement remediation actions, such as isolating affected systems and blocking malicious activities.
• Collect and preserve evidence related to security incidents and conduct digital forensics analysis.
• Conduct post-incident analysis to identify root causes and recommend preventive measures.
• Create monthly metrics and other operational reports.
  
  

THE EXPERIENCE YOU BRING

• In-depth knowledge of cyber security principles, technologies, and best practices.
• Proven experience in cyber security incident response, preferably in a SOC or CSIRT (Computer Security Incident Response Team) environment.
• Proficiency in using security tools such as SIEM/SOAR, endpoint detection and response (EDR), and extended detection and response (XDR), etc.
• Experience with forensic tools and techniques and conducting digital forensics investigations.
• Strong analytical and problem-solving skills, with the ability to think quickly under pressure.
• Excellent communication and collaboration skills, with the ability to convey technical information to non-technical stakeholders effectively.
• Ability to work independently and as part of a team in a fast-paced environment.
• Bachelor's degree in Computer Science, Information Security, or a related field.

BONUS POINTS IF YOU HAVE

• Relevant certifications (e.g., GIAC, CEH).
• Experience in AWS cloud, Sumo Logic and Crowdstrike.
• Experience with compliance frameworks such as ISO 27001, SOC and FedRAMP.

Location

Conshohocken, PA - Hybrid preferred

Aren’t sure if you’re a match? We know that impostor syndrome and the confidence gap can prevent us from meeting spectacular candidates — so don’t hesitate to apply; you could be the perfect fit!

Compensation and Benefits

Boomi is committed to fair and equitable compensation practices. An overview of our benefits can be found here.

#LI-ES1