Central Hudson Gas & Electric

Cybersecurity SOC Team Lead Job at Central Hudson Gas & Electric in Poughkeepsie

Central Hudson Gas & Electric, Poughkeepsie, NY, United States, 12600


Central Hudson Gas & Electric - Cybersecurity SOC Team Lead

Location: Poughkeepsie, New York

Benefits:
- Competitive compensation
- Medical, Dental, and Vision insurance
- 401(k) Retirement Savings Plan with substantial company match
- Life and Travel Insurance
- Tuition Assistance
- Wellness Reimbursement Program
- Paid Holidays and Vacation

What is a Cybersecurity SOC Team Lead?

We are seeking a diligent and experienced Cybersecurity SOC Team Lead to join our team. In this role, you will work within a group of highly motivated Information Technology and Cybersecurity professionals committed to keeping Central Hudson safe. The Cybersecurity SOC Team Lead leads a team of SOC Analysts and assists them in their daily operations as they proactively seek out adversaries. The Team Lead serves as an escalation point for the SOC Analysts and a liaison with our Cybersecurity Engineers.

Responsibilities:
- Oversees daily SOC activities, ensuring timely detection and response to security incidents
- Continuously reviews and enhances SOC processes, including playbooks, response procedures, and threat hunting practices
- Supervises, mentors, and develops the SOC Analysts
- Initial escalation and notification point for SOC Analysts
- Leads post-incident reviews and ensures lessons learned are documented and applied
- Prepares detailed reports on SOC performance and incident trends
- Assists Cybersecurity Engineers with tuning false positive and/or true positive non-actionable security events
- Represents the Security Operations Center at internal/external meetings
- Oversees and leads incident response and investigation activities, ensuring timely resolution
- Fosters a collaborative environment for sharing insights and strategies
- Provides timely updates on ongoing incidents and emerging threats
- Highlights key metrics and performance indicators
- Proactively hunts for threats and vulnerabilities within the corporate environment
- Generates detailed reports on security incidents, including findings, actions taken, and recommendations for future prevention
- Provides regular status updates to management and stakeholders
- Works closely with other IT and security teams to ensure comprehensive incident management and response
- Monitors news, security sites, and other threat actor activity channels for new/current threats and stays updated on emerging cybersecurity threats and technologies
- Promotes and raises awareness by educating others about the importance of cybersecurity
- Builds relationships with government and local agencies to promote collaborative information sharing
- Supervises employees working in a 24/7 shift environment, including nights, weekends, and holidays, and participates as needed
- Participates in on-call as needed to respond to security incidents outside of regular working hours
- Provides storm/emergency response support

Minimum Requirements:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science or related field of study and 3 years of experience in cybersecurity. In lieu of a bachelor's degree, an associate degree in the aforementioned fields and 5 years of cybersecurity operations or related experience, or a high school diploma or equivalency degree and 7 years of cybersecurity operations or related experience, will be considered
- In-depth knowledge of security operations, including SIEM, SOAR, EDR, IDS/IPS, malware analysis, email security, and endpoint protection
- Demonstrated ability to develop, tune, and optimize use cases for alerting in a SIEM platform
- Proficiency in threat hunting techniques and methodologies to proactively identify and mitigate potential threats
- Proven hands-on experience in working collaboratively with an Incident Response team, including the ability to manage and coordinate responses during cybersecurity events and incidents
- Experience in drafting and maintaining SOC operating procedures and playbooks
- Experience with data visualization tools to analyze and present security data effectively
- Knowledge of common and emerging attack vectors, penetration methods, and countermeasures
- Familiarity with and experience working within cybersecurity frameworks such as NIST 800-61, the Attack Life Cycle, SANS Security Controls, and MITRE
- Effective communication skills, with the ability to collaborate with diverse teams and communicate complex concepts clearly and concisely
- Must have excellent analytical, multitasking, organizational, and decision-making skills
- Ability to work with limited direct supervision and professionally respond to constructive feedback
- Ability to work nights, weekends, and holidays during a critical cyber incident or event
- Valid driver's license

Preferred Qualifications:
- SOC leadership or management experience implementing cybersecurity frameworks (MITRE ATT&CK, NIST, CIS), incident response methodologies, and threat intelligence practices
- Familiarity with scripting languages for automation and analysis
- Experience in conducting risk assessments, developing risk mitigation strategies, and evaluating contractual agreements
- Experience in the Energy & Utilities or services industry
- Relevant certifications such as Systems Security Certified Practitioner (SSCP), CompTIA Security+, CompTIA Cybersecurity Analyst (CySA+)

Applications will be accepted until January 2, 2025.

Pay range: $124,600-193,200.

Please go to www.centralhudson.com/employment. Click the 'Search Career Opportunities' button. Follow the directions to submit an application and upload your resume for the desired position. Applications sent via e-mail and US Mail will not be accepted. No phone calls or agencies, please. All replies will be held in strict confidence.

Central Hudson Gas & Electric Corporation takes affirmative action in support of its policy to employ and advance in employment individuals who are minorities, women, protected veterans, and individuals with disabilities. VEVRAA FEDERAL CONTRACTOR