Central Hudson Gas & Electric

Central Hudson Gas & Electric, City of Poughkeepsie, NY, United States


Central Hudson Gas & Electric - Cybersecurity SOC Team Lead

Location: Poughkeepsie, New York

Benefits:

  • Competitive compensation
  • Medical, Dental, and Vision insurance
  • 401(k) Retirement Savings Plan with substantial company match
  • Life and Travel Insurance
  • Tuition Assistance
  • Wellness Reimbursement Program
  • Paid Holidays and Vacation

What is a Cybersecurity SOC Team Lead?

We are seeking a diligent and experienced Cybersecurity SOC Team Lead to join our team. In this role, you will work within a group of highly motivated Information Technology and Cybersecurity professionals committed to keeping Central Hudson safe. The Cybersecurity SOC Team Lead leads a team of SOC Analysts and assists them in their daily operations as they proactively seek out adversaries. The Team Lead serves as an escalation point for the SOC Analysts and a liaison with our Cybersecurity Engineers.

Responsibilities:

  • Oversees daily SOC activities, ensuring timely detection and response to security incidents
  • Continuously reviews and enhances SOC processes, including playbooks, response procedures, and threat hunting practices
  • Supervises, mentors, and develops the SOC Analysts
  • Initial escalation and notification point for SOC Analysts
  • Leads post-incident reviews and ensures lessons learned are documented and applied
  • Prepares detailed reports on SOC performance and incident trends
  • Assists Cybersecurity Engineers with tuning false positive and/or true positive non-actionable security events
  • Represents the Security Operations Center at internal/external meetings
  • Oversees and leads incident response and investigation activities, ensuring timely resolution
  • Fosters a collaborative environment for sharing insights and strategies
  • Provides timely updates on ongoing incidents and emerging threats
  • Highlights key metrics and performance indicators
  • Proactively hunts for threats and vulnerabilities within the corporate environment
  • Generates detailed reports on security incidents, including findings, actions taken, and recommendations for future prevention
  • Provides regular status updates to management and stakeholders
  • Works closely with other IT and security teams to ensure comprehensive incident management and response
  • Monitors news, security sites, and other threat actor activity channels for new/current threats and stays updated on emerging cybersecurity threats and technologies
  • Promotes and raises awareness by educating others about the importance of cybersecurity
  • Builds relationships with government and local agencies to promote collaborative information sharing
  • Supervises employees working in a 24/7 shift environment, including nights, weekends, and holidays, and participates as needed
  • Participates in on-call as needed to respond to security incidents outside of regular working hours
  • Provides storm/emergency response support

Minimum Requirements:

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science or related field of study and 3 years of experience in cybersecurity. In lieu of a bachelor’s degree, an associate degree in the aforementioned fields and 5 years of cybersecurity operations or related experience or a high school diploma or equivalency degree and 7 years of cybersecurity operations or related experience will be considered
  • In-depth knowledge of security operations, including SIEM, SOAR, EDR, IDS/IPS, malware analysis, email security, and endpoint protection
  • Demonstrated ability to develop, tune, and optimize use cases for alerting in a SIEM platform
  • Proficiency in threat hunting techniques and methodologies to proactively identify and mitigate potential threats
  • Proven hands-on experience in working collaboratively with an Incident Response team, including the ability to manage and coordinate responses during cybersecurity events and incidents
  • Experience in drafting and maintaining SOC operating procedures and playbooks
  • Experience with data visualization tools to analyze and present security data effectively
  • Knowledge of common and emerging attack vectors, penetration methods, and countermeasures
  • Familiarity with, and experience working within, cybersecurity frameworks such as NIST 800-61, Attack Life Cycle, SANS Security Controls, MITRE
  • Effective communication skills, with the ability to collaborate with diverse teams, and communicate complex concepts clearly and concisely
  • Must have excellent analytical, multitasking, organizational, and decision-making skills
  • Ability to work with limited direct supervision and professionally respond to constructive feedback
  • Ability to work nights, weekends, holidays during a critical cyber incident or event
  • Valid driver’s license

Preferred Qualifications:

  • SOC leadership or management experience implementing cybersecurity frameworks (MITRE ATT&CK, NIST, CIS), incident response methodologies, and threat intelligence practices
  • Familiarity with scripting languages for automation and analysis
  • Experience in conducting risk assessments, developing risk mitigation strategies, and evaluating contractual agreements
  • Experience in Energy & Utilities or services industry
  • Relevant certifications such as Systems Security Certified Practitioner (SSCP), CompTIA Security+, CompTIA Cybersecurity Analyst (CySA+)

Applications will be accepted until January 2, 2025. Pay range: $124,600-193,200. Please go to www.centralhudson.com/employment. Click the 'Search Career Opportunities' button. Follow the directions to submit an application and upload your resume for the desired position. Applications sent via e-mail and US Mail will not be accepted. No phone calls or agencies, please. All replies will be held in strict confidence.

Central Hudson Gas & Electric Corporation takes affirmative action in support of its policy to employ and advance in employment individuals who are minorities, women, protected veterans, and individuals with disabilities. VEVRAA FEDERAL CONTRACTOR
