Description
Security Incident Manager - ArcSight, SOC, CSIRT, ITIL, Security Services is required by my client. The project is based in Paris but there will be opportunity to work from home.
Key Skills and Experience:
MUST HAVE
2 years' experience working in a SOC or CSIRT
2 years' experience working as a security incident manager
The profiles are expected to have the following background:
- Working knowledge of ITIL Service Management concepts and processes, including: incident management, change management, problem management, service request management, configuration management (2 years)
- Proven experience on security incident management (3 years)
- Overall hands on experience of Information Security (5 years)
- Experience in a multi-national, shared services environment, including clear customer service and resolution of escalated issues (3 years)
- Experience in delivery processes, including life cycle controls (eg Design, Pilot, Acceptance) and Project Management (3 years)
- Experience in the service management of a security operations center (3 years)
- Experience with security services such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF), Firewall logs, systems logs, web logs, application logs and Security Information and Event Management (SIEM) systems.
They are expected to have the following skills:
- Cross cultural sensitivity, flexibility
- Organized with a proven ability to prioritize workload, meet deadlines, and utilize time effectively
- Strong interpersonal and communication skills; able to deal effectively with diverse skill sets and personalities, works effectively as a team player
- Ability to function effectively in a Matrix structure
- Operate comfortably at management level
- Strong facilitation, negotiation and conflict resolution skills
- Strong analytical skills
- Fluent in English
Role Responsibilities:
- Manage security incidents to ensure timely mitigation and escalate to appropriate incident resolver groups and leadership as required
- Ensure correct execution of Security Incident Management Processes
- Drive the efficiency and effectiveness of the Security Incident Management Process
- Identify any incident/request that requires increased focus and actions necessary to meet committed service levels
- Incident review and reporting on ticket resolution
- Produce management information, including reports and KPIs
The profiles will work on the following tasks:
- Manage security incidents to ensure timely mitigation and escalate to appropriate incident resolver groups and leadership as required
- Ensure correct execution of Security Incident Management Processes in coordination with the service manager
- Develop, co-ordinate and promote the effective functioning of incident management and escalation processes across live systems and services
- Escalate to problem management activities when necessary
- Co-ordinate the rapid and effective handling of major incidents and support and track escalations
- Lead the investigation via root cause analysis (eg following on from major incidents) or through proactive trend analysis and monitoring
- Co-ordinate and track escalations to minimize the adverse impact of service issues on the business
- Identify any incident/request that requires increased focus and actions necessary to meet committed service levels
Reporting:
- Review the incidents metrics and report on ticket resolution
- Ensure the preparation and timely distribution of all incident reporting against SLA, OLA, and processes in place
- Produce and present regular reporting including metrics on a per customer basis.
- Provide trend analysis to understand customer satisfaction impact, recommend improvement or mitigation actions
Mercator IT Solutions provides services as an agency and an employment business