The Technology Security Incident & Event Management (SIEM) Manager is responsible for managing the security incidents and events within an organization's technology infrastructure. This individual is responsible for monitoring, detecting, and responding to security incidents and events that could affect the confidentiality, integrity, or availability of the organization's information and technology systems.
Develop and implement technology security incident and event management policies, procedures, and best practices to ensure the timely and effective response to security incidents and events.
Manage and lead a team of security analysts and incident responders to ensure the timely and effective detection, investigation, and resolution of security incidents and events.
Develop and maintain a security incident and event management program, including the creation of playbooks, procedures, and workflows.
Lead the engineering of security solutions, working with third-party vendors.
Monitor and analyze security events from various sources to detect potential security incidents and events.
Conduct investigations into security incidents and events, including root cause analysis, and provide recommendations to prevent similar incidents in the future.
Develop and deliver security awareness and training programs for employees to promote a culture of security throughout the organization.
Collaborate with other departments and stakeholders to ensure that security incident and event management is integrated into all aspects of the organization's operations.
Ensure compliance with relevant security and data protection regulations, such as GDPR, CCPA, and HIPAA.
Bachelor's or Master's degree in Computer Science, Information Technology, or a related field.
Minimum of 5 years of experience in technology security, with at least 3 years in a leadership role focused on security incident and event management.
Demonstrated experience in developing and implementing security incident and event management policies, procedures, and best practices.
Proven track record of successfully managing security incidents and investigations.
Excellent communication skills, with the ability to present complex technical information to both technical and non-technical audiences.
Relevant professional certifications such as CISSP, CISM, or CISA.
Experience with security information and event management (SIEM) tools and technologies, such as Splunk, QRadar, or ArcSight.
Experience with threat intelligence and vulnerability management.
Knowledge of cloud security and experience securing cloud-based systems and applications.
Ability to work collaboratively with stakeholders across the organization, including IT, legal, compliance, and business units.
Strong analytical and problem-solving skills.
Ability to lead and inspire a team of security professionals.