.Lead, Cyber Security Operations CenterLead, Cyber Security Operations Center (VF Services, LLC, Greensboro, NC):Ensure proper monitoring and analysis of logs, alerts, and external data sources to determine any security and operational impact to the organization. Resolve or escalate cyber security incidents and events and escalate to the Incident Response team as needed per established guidelines. Review research performed by SOC Analysts related to security events and threat intelligence data. Perform proactive threat research and validation for security event data generated from monitoring tools and manual analysis. Review all IR tickets to ensure accuracy and completeness. Create metrics based on the offenses handled and work performed by the Security Operations. Maintain Security Operations metrics dashboards. Create Reference Sets within the SIEM tool to assist Tier 1 and 2 SOC Analysts with threat research. Perform documentation of event analysis and records the data within our Incident Tracking tool. Represent the Security Operations team in various SOC, Incident Response, and Cyber Security projects. Provide guidance to the organization to help advance defensive capabilities, including cyber security technologies, enterprise security platforms, and incident response processes and procedures. Act as an escalation point and technical lead for the SOC II team. Provide leadership and oversight to the SOC I team responsible for investigating all security related anomalies presented by enterprise security platforms. Must be able to provide on call support for process related issues, technical issues with security platforms, and VF non-security related high severity incidents.Telecommuting permitted up to 60% of the time.Full time employment, Monday – Friday, 40 hours per week.MINIMUM REQUIREMENTS:Must have a Bachelor's degree in Computer Science, Computer Engineering, Information Systems, or a related field, and 5 years of progressive, post-baccalaureate related work experience executing security incident handling processes and procedures.Of the required experience, must have 5 years of experience in each of the following:Applying networking concepts and models in handling security incidents, including the OSI Model, TCP/IP, DNS, HTTP, SMTP, System Administration and Architecture; Operating Systems and their architectures, including Windows, Unix/Linux and OSx; Operating and tuning QRoC SIEM Tool; Managing IBM Resilient SOAR platform; andUtilizing defensive security tools, including EDR, Anti-Malware, and SASE.Of the required experience, must have 4 years of experience in scripting languages in at least two of the following: Bash, Python, Ruby, Javascript, or SQL.TO APPLY: Apply online at vfc.Com/careers under "find your calling here" and search for "R-20230519-0046 Lead, Cyber Security Operations Center (Evergreen) (Open)" and click apply
