The post in a nutshell:
The head of the SOC (Security Operations Center) plans and organizes the daily operations of the SOC in order to assess the level of vulnerability and detect suspicious or malicious activities. They set up the security incident detection service, validate the proper execution of security event supervision and management processes, and ensure complete and accurate reporting of key indicators. They also define and steer the SOC's service improvement plan.
Equivalent title: Head of the Security Operations Center, Head of the Cyber Defense Center, Head of the Security Incident Detection Service
- Plan and organize the daily operations of the SOC
- Provide operational support for security crisis management in the event of major security incidents
- Maintain relations with CERT (Computer Emergency Response Team) or CSIRT (Computer Security Incident Response Team) incident response teams, particularly in crisis situations, to coordinate the various operational security teams
Prevention and detection strategy:
- Define the SOC strategy, ensure technical consistency, take into account regulatory requirements
- Define and implement SOC tools for event collection, access to security platforms, search for suspicious events, alert management, security incident monitoring workflows
- Feed the detection strategy from a global vision of the nature and level of vulnerability of the IS
- Define detection use cases and integrate them into detection tools
- Define and implement notification and escalation processes
- Evaluate and validate the effectiveness of the tools deployed in the SOC and lead corrective action plans where necessary
- Create synergies with other security teams by sharing information on identified threats (internally and externally)
Our advice: this position is open to women and men. Motivation and the desire to learn are the fundamental qualities for the success of your project. Don't hold yourself back: you can do it.
- Operating system security
- Network security and protocols
- Cyberdefense: knowledge of crisis management
- Cyberdefense: practice of log analysis (systems or applications)
- Cyberdefense: practice of network flow analysis
- Cyberdefense: knowledge of event log correlation tools and methods (SIEM)
- Cyberdefense: knowledge of security monitoring solutions
- Cyberdefense: knowledge of attack and intrusion techniques
- Cyberdefense: knowledge of scripting environment vulnerabilities
- Team management
- Ability to work across the organization
- Ability to work in a team
- Ability to withstand pressure
- Ability to report and explain findings to non-technical audiences
- Ethical sense
Description of the profession in the ANSSI directory
The SOC manager must acquire a good understanding of the supervision needs for critical business activities in order to ensure the development of application-specific use cases (e.g. monitoring of industrial IS). In addition, the SOC manager must manage more and more security incidents and must therefore develop a good understanding of the threats facing their perimeter.
How to get into the job
Education: Bac +5, specialization in cybersecurity.
Professional experience: at least 5 years within a SOC.
Our Intra-company training
From 2023, CSB SCHOOL will offer to train your employees to help them develop their skills in the cybersecurity field. After a thorough study of your needs by our development manager, you will be put in touch with our pedagogical experts on the identified theme.
Master Cybersecurity expert
The Master's block is adapted to professions with responsibility and to very specific needs of cybersecurity. It will allow you to deepen and refine your knowledge and skills in one of our 4 specialties: Information Technology (IT), Industrial (OT), Security Operations Center (SOC) or Governance, Risk and Compliance (GRC).
The complete career guide
Same field jobs
Our school provides training in 21 cybersecurity jobs, from technical to supervising positions, from IT operations to industrial systems security. Here is the list of jobs you will be trained for by attending one of our training programs.