Security Operations Center (SOC) Manager

We are a values driven organization putting Relationships FIRST. EagleBank (NASDAQ – EGBN) is focused on being Flexible, Involved, Responsive, Strong, and Trusted. By prioritizing meaningful connections with our customers, employees, and shareholders, we relentlessly deliver the most compelling, valuable service to our customers.

EagleBank is committed to inclusion, equity, and respect. We celebrate diversity and intentionally seek out opportunities to learn from one another’s experience. We believe employees are essential to the building of relationships and we prioritize investing in employee growth and wellbeing. Employee involvement is fostered through resource groups, mentorship programs, community service, and scholarship opportunities for continued education. With features including maternity and parental leaves, wellness discounts, healthcare premium sharing, employer funding in your HSA account, and 100% 401(k) matching up to 4%, we pride ourselves in the ways we support our internal relationships.

We understand the need to be creative and flexible when it comes to telecommuting and other alternative work arrangements. This position is eligible for our hybrid remote work and will work in the Silver Spring, MD office four days per week.

The SOC Manager is responsible for the EagleBank SOC Operations. This includes managing the Tier1 Outsourced MSSP, and dark web Monitoring MSSP relationships. The SOC Manager is responsible for the overall security monitoring of all EagleBank assets, tuning the alerts, analyzing the security event, and maintaining EagleBank’s operational security controls in support of EagleBank’s Information Security Program. This role will be focused on leading and performing advanced triage and detail analysis of security events of EagleBank’s technology environments and integrating risk-based threat intelligence into the operational environment. The role also supports the ability to maintain assurance in our technical security controls so that risks to the confidentiality, integrity, and availability of EagleBank’s information systems and infrastructure are sufficiently mitigated which in turn, supports the bank’s operational goals. Assist with vulnerability management oversight, end user proxy access support as needed, prepare daily SOC reports and ensure that metrics are reported periodically. This role will have oversight of and responsibility for two or more SOC Analysts and the outsourced MSSP relationship.

Requirements:

• Bachelor’s degree in computer science or information Systems, Information Technology or related focused technical training or in lieu 4 additional years of engineering and project management experience.
• 10 years of related experience in Information Security, with at least 6 years of experience at the lead level of a SOC (Security Operations Center) engaged in cyber incident management and analysis.
• Very familiar using SEIM and EDR tools. Ability to direct the MSSP to tune appropriately.
• Experience dealing with security multiple threat intelligence sources (paid or unpaid) and incorporating the same within our environment.
• Ability to lead the investigation and manage a cybersecurity event and work with the InfoSec and IT team to inspect, examine and resolve.
• Familiarity with other security tools like Vulnerability Management, Antivirus, Web proxies, forensics, etc.
• Previous supervisory or Leadership experience in a SOC environment.

• Two or more of any of the following certifications:

  • SANS GIAC Certifications:
    • GIAC Certified Perimeter Protection Analyst
    • GCIH: GIAC Certified Incident Handler
    • GOEC: GIAC Operations Essentials Certifications
  • CompTIA Security+
  • Certified Ethical Hacker (CEH)
• Knowledge of managing and leading cyber incidents using the Cyber Incident Response Plan (CIRP)
• Participate in Cyber exercise and be the subject matter expert for SOC operations and security events.
• Knowledge of SEIMs like Microsoft Sentinel, LogRhythm, Splunk, etc.; NDR like Darktrace, ExtraHop, Vectra, etc.
• Knowledge of SOC tools like VirusTotal, Abuse IPDb, Cisco Talos, PaloAto Watchfire, Threat Miner, Urlscan, etc.
• Knowledge working on alerts from systems, firewalls (PaloAlto, Fortinet); IDS/IPS, VPN, WAFs, etc.
• Knowledge of TCP/IP networking: networking topology, protocols, and services.
• Broad knowledge of computer networking technology.

Preferred:

• 14 years of Security Operations or Security Administration.
• Familiarity with security tools (Pen Testing, Network Detection & Response).
• Ability to do malware analysis and establish a sandbox.
• One or more of the following certifications (or equivalent):
  • SANS GIAC Certifications such as:
    • GPEN:  GIAC Penetration Tester
  • Cisco Certified Network Associate Security (CCNA Security)
  • Certified Network Defender (CND) or Certified SOC Analyst (CSA)Knowledge and experience of Unified Threat Management, Virtualization, Windows Desktop and Server operating systems, firewall technologies, application layer security controls, and IDS/IPS technologies.
• Knowledge of multiple NBA or UEBA tools.
• Knowledge of SOC Sandboxes and Malware Analysis tools, etc.
• Conduct threat hunting exercises and campaigns. Knowledge of DFIR best practices.

OTHER JOB REQUIREMENTS:

• Ability to work extended hours, when necessary, to support operational requirements.
• Availability for participation in on-call rotation.

Don't meet all the requirements? We encourage you to still apply if you think you are the right person to join our community. We are always interested connecting with people inspired by our mission and values. If you aren’t hired for this position, your resume will remain available for the next year and might be considered for future openings. Note: You can update your resume as often as needed.