SIEM & Incident Response Manager

Job Description:
The SIEM and IR Manager is responsible for overseeing the work performed by other Professional Services Engineers, along with the implementation, management, and optimization of the Security Information and Event Management (SIEM) solution, and for coordinating with existing SOC operations and the existing SOC management and leadership teams. The role requires a strong background in cybersecurity, extensive experience with SIEM technologies (Elastic preferred) and SOC operations, and a proven track record of leading and developing high-performing teams.

Responsibilities:
-  Lead and manage the SIEM and IR team to ensure effective detection, analysis, and response to security incidents.
-  Oversee the implementation, configuration, and optimization of the SIEM solution to enhance threat detection capabilities.
-  Align with existing SOC procedures, processes, and playbooks to streamline incident response activities.
-  Monitor the SIEM and IR team's handling of SIEM alerts and security events and its investigation of incidents, and oversee root cause analysis.
-  Collaborate with existing SOC personnel and cross-functional teams to coordinate incident response efforts and mitigate security risks.
-  Provide leadership and mentorship to SIEM and IR team members, guiding their professional development and enhancing team capabilities.
-  Conduct regular assessments and audits of SIEM configurations to ensure compliance with industry standards and best practices as defined by the existing customer.
- Stay current on emerging threats, vulnerabilities, and security technologies to continuously improve SIEM and IR operations and threat detection capabilities.

Requirements:
-  Hands-on experience with SIEM platforms such as Splunk, IBM QRadar, ArcSight, or LogRhythm, and preferably Elastic.
-  Strong understanding of SOC procedures, incident response methodologies, and best practices and the ability to work with existing customer operational personnel and leadership.
-  Proven leadership skills with experience managing and developing teams and reporting activities and success to a customer’s operational and leadership teams.
-  Excellent communication and interpersonal skills, with the ability to collaborate effectively with the customer’s cross-functional teams.

 



EQUAL EMPLOYMENT OPPORTUNITY

EEO/Affirmative Action Statement and Non-Discrimination Policy

IMRI is an Equal Employment Opportunity employer committed to maintaining a non-discriminatory, diverse work environment. In accordance with Title VII of the Civil Rights Act of 1964, Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veterans' Readjustment Assistance Act of 1974 (VEVRAA), the Americans with Disabilities Act (ADA), and other federal, state, and local anti-discrimination laws, IMRI does not unlawfully discriminate against any person on the basis of race, color, religion, sex, national origin, ancestry, genetic information, age, marital status, sexual orientation, physical or mental disability, or status as a special disabled veteran or other veteran. IMRI will take affirmative action to assure equal opportunity for employment is provided with regard to all personnel actions. This includes, but is not limited to: recruitment, selection, compensation, benefits, training, promotion, demotion, layoff, termination, and all other terms and conditions of employment.