SOC Consultant

**_The Business Entity_**
Working as part of the Customer Experience (CX) organization, the role of Security CE involves delivery of both transactional and subscription projects to strategic customers throughout the EMEA theater. Projects vary considerably between security reviews; design and implementation of Cisco security products; and involvement as part of virtual multi-discipline teams as the security lead in large-scale design and implementation projects.

**_The Team_**
The SOC Consultant will be part of a fast-growing team of highly capable SOC consultants across the EMEA region with focus on MEA, serving some of Cisco’s largest and most important customers.

As part of the Cisco Services MEA Security Architecture team, the SOC Consultant will work with consultants from many other security disciplines, from the design and deployment of security technology through to Governance, Risk and Compliance consulting. The team members are very diverse from different countries and different cultures.
- SoC consultant Job Description_

This role is responsible to help customers plan, design, deploy and optimize their SOCs. As well as extensive SOC experience, the Senior SOC Consultant requires strong consultancy skills, good business acumen, and leadership qualities to drive complex SOC development programs.

The SoC consultant could engage on active SoC for proactively orchestrating the Enterprise SOC operations, 24/7 third party security monitoring service, analysts team and the SIEM admin and management team. The role also requires regularly interfacing with the IT, HR, Risk, Compliance and Legal and other functions in the organization.

The role will entail:

- Work with senior customer peers, to CXO level, to analyze an organization’s business requirements for their SOC, and translate this into a SOC Strategy for the organization.
- Based on an organization’s SOC Strategy, develop a SOC Service Catalogue, and the People, Process and Technology required to support these services.
- Define with the end the key SoC metrics: SOC KPI, SLA and OLA Management
- Establish the processes for Third Party and Vendor Management
- Design the architecture of the SOC Technology Stack Management
- Create business cases to deliver to executive level to secure SOC funding.
- Develop RFPs for customers, for external services and SOC technology.
- Lead SoC project with fellow team members and colleagues on other security teams. As-needed, manage relationships with business partners, management, vendors, and external parties.
- Recommended Qualifications and skills_
- Min. 10 years of relevant cyber security experience.
- Min 3 years working in a Security Operations Center as a Manager or an SDM. preferably with an SI, MSP or a Vendor.
- Relevant IT security certifications such as CISSP, CISM, GCIH, GCIA, GCFA.
- Desirable: ITIL foundations, GCIH and PMP
- Good understanding of the security threat landscape, such as Advanced Persistent Threat (APT), Cyber Crime, Hacktivism and associated tactics.
- Experience of the management of cyber security analytics, cyber threat intelligence, orchestration/case management and other information security platforms.
- Hands on experience using Splunk, preferably using Splunk Enterprise Security
- Proven experience of developing and enhancing SOC Run Books
- Proven experience of Case Management and ensuring cases are resolved within required SLA
- Experience working in fast paced environments, and ability manage workload even during times of stress or escalated activity
- Experienced in leading a team across a broad set of skills and geographies.
- Strong time management and multitasking skills as well as attention to detail
- Strong collaborative skills and proven ability to work in a diverse team of security professionals
- Willing to perform hands-on work with the team
- Comfortable with impromptu tasking
- Excellent oral and written communications skills
- Strong problem-solving skill with the ability to resolve complex technical issues

Desirable working experience includes the following:

- Advanced Configuration and tuning Splunk
- Use case creation and tuning
- Customizing the use cases
- System Logging
- Firewalls
- Web Gateway
- EDR
- PAM
- PKI
- Deception
- Vulnerability Management
- AWS, Azure & Private Cloud hosted technology landscape
- Working in Classified environments
- Service desk tools

U.S. employees have **access** to quality medical, dental and vision insurance, a 401(k) plan with a Cisco matching contribution, short and long-term disability coverage, basic life insurance and numerous wellbeing offerings. Employees receive up to twelve paid holidays per calendar year, which includes one floating holiday, plus a day off for their birthday. Employees accrue up to 20 days of Paid Time Off (PTO) each year and have access to paid time away to deal with critical or emergency issues without tapping into their PTO. We offer additional paid time to volunteer and give bac