- Company Name: INFOMIL
- Job Title: SOC Manager (M/F)
- Job Description:
**Job Title:** SOC Manager / CERT Lead
**Role Summary:**
Lead and operate a Security Operations Center (SOC) and Computer Emergency Response Team (CERT) to detect, investigate, and respond to cyber incidents across diverse environments. Balance operational duties with strategic security initiatives, providing technical guidance and mentorship to a multidisciplinary team.
**Expectations:**
- Minimum 5 years of cybersecurity experience, preferably as a Tier 2 / Tier 3 (N2/N3) SOC analyst.
- Proven ability to lead, develop, and manage a security team.
- Strong communication skills for reporting, advising internal stakeholders, and documenting technical decisions.
**Key Responsibilities:**
- Perform Tier 3 (Level 3) SOC analysis of security events in the Splunk SIEM.
- Investigate alerts from production teams and automated tools; coordinate major incident response.
- Enrich SOC knowledge base: document cases, share findings, and produce statistics to improve security posture.
- Participate in crisis management cells and major incident handling.
- Conduct architectural studies and integration of security solutions (WAF, EDR, bastion hosts, VPN, secure SIEM, etc.).
- Test and qualify new tools/configurations in a lab environment; produce technical recommendations and alternatives.
- Manage bug bounty programs (e.g., YesWeHack) and vulnerability coordination with internal teams.
- Align security controls with the recommendations of ANSSI (the French national cybersecurity agency) and applicable European regulatory frameworks; advise on secure technology choices.
- Maintain continuous threat intelligence and vulnerability monitoring.
- Oversee operational team management: resource planning, absence handling, performance reviews, recruitment, and skill development.
- Lead team meetings, track project progress, and ensure resource allocation.
**Required Skills:**
- Advanced expertise with SIEM platforms, especially Splunk.
- Deep knowledge of web technologies (IIS, HTTP) and common attack/defense techniques.
- Experience with security tooling: WAF, EDR, bastion, VPN, secure logging/monitoring solutions.
- Strong analytical, problem-solving, and documentation abilities.
- Effective teamwork, mentorship, and stakeholder communication.
- Curiosity and rigor in staying current with emerging threats and industry standards.
**Required Education & Certifications:**
- Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
- Preferred certifications: CISSP, CISM, GIAC certifications such as GSEC or GCIH, Splunk Core Certified Power User or Splunk Enterprise Certified Admin, or equivalent.