Skip to main content Skip to Footer

Job Listing



Security Operations Associate Manager

Sede annuncio: Assago, Naples

Regional Description: Italy

Codice annuncio: 00497474

Invia il tuo CV Salva questo annuncio

- Descrizione profilo

  Security Operations Associate Manager
Milan - Assago, Naples



Position Scope:

IT professional with a proven track record of leading security teams responsible for supporting highly complex, scalable and reliable security infrastructure solutions as well as monitoring systems and capacity planning processes. As a Security Operations Manager, the candidate must demonstrate effective communication skills as well as technical ability to troubleshoot complex issues across technology boundaries. He/she will provide technical support for full life cycle projects, infrastructure platforms and process efforts. He/she will interface extensively with business partners and various management teams.

Responsibilities for Position:

  • Lead Security Operations team in support of operations and project support activities
  • Lead and Mentor team members in order to improve overall skills and capability
  • Identifies and manages risks and issues as a subject matter expert for daily operational support and projects
  • Support and lead SOC team in the following tasks:
    o Provide Security Infrastructure management, Security Monitoring and Incident Response, Vulnerability Management and IAM services to clients across all industries and internal projects
    o Perform security incident investigations, determine the cause of the security incident and preserve evidence for potential legal action
    o Perform basic malware analysis and IoC extraction
    o Interface with technical personnel and others teams as required
    o Make recommendations on incident classification, prioritization, containment, eradication and recovery in order to implement appropriate corrective action
    o Design, develop and create correlation rules within the Security Information and Event Management (SIEM) platform
    o Provide Tier II support to customers and respond and resolve Level II incidents within the agreed SLA
    o Maintain of a knowledgebase comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations
  • Provide guidance and insight, as well as follow directives as necessary to complete accelerated deployment of the SIEM, IPS/IDS, IAM, Strong Authentication and other security infrastructures
  • Appropriately inform and advise management on incidents and incident prevention
  • Encourages and implements continuous improvement measures on day-to-day basis
  • Manage the process of gathering, analyzing and assessing the current and future threat landscape
  • Leverages extensive knowledge of communications in a manner that provides business value to the IT Organization
  • Required to identify, assess, and resolve complex issues/problems within own area of responsibility
  • Improve Incident remediation and prevention processes and procedures
  • Document and conform to corporate and/or client security policies
  • Participate in knowledge sharing with the rest of the team and develop solutions efficiently
  • Coordinate or participate in individual or team projects
  • Provide performance metrics as necessary
  • Develop and optimize technical processes and coordinate procedure documentation.
  • Providing CISOs/Senior Management with a realistic overview of risks and threats in the enterprise environment
  • Monitor and report on compliance with security policies, as well as the enforcement of policies within the IT departments.
  • Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance
  • Coordinate measure and report on technical and service (KPI, SLA) aspects of security management
  • Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements
  • Manage and coordinate operational components of incident management, including detection, response and reporting
  • Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk
  • Manage security projects and provide expert guidance on security matters for other IT projects.
  • Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements
  • Ensure security infrastructures are maintained efficient and monitored
  • Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.

Education Requirements:

  • Bachelor’s and above degree in Computer Science, MIS, Engineering, Math, or Business; or relevant experience in some of these fields

Must Have Skills/Qualifications:

  • At least 6+ years of experience in Information Security, Risk Management, Infrastructure Security and Compliance
  • 2 to 4 years’ experience of Security Operations management experience, leading a security team of 3 to 10 analysts/engineers
  • 2 to 4 years of Security Operations experience, design and troubleshooting in a fast pace production environment
  • Excellent communications skills interacting with technical and business audiences Strong interpersonal skills and a history of building strong relationships with clients
  • Good understanding of concepts and hands-on experience on products such as SIEM (es: RSA Security Analytics/HP Arcsight/AlienVault), IPS/IDS, vulnerability management (Nessus/Qualys), antispam, web content filtering
  • Functional knowledge of GRC, I&AM, ITSM, system monitoring and supporting tools
  • Good understanding of Infrastructure Security and its impact on Security Operations, Vulnerabilities, Reporting, Analytics and Monitoring
  • Proven documentation skills including proficiency with the documentation and documentation maintenance for process work flow diagrams
  • Ability to work independently and make appropriate decisions or escalations with minimal supervision in a dynamic team environment
  • Strong knowledge of networking and security fundamentals. Complete understanding of TCP/IP, HTTP, HTTPS, SSL, Protocols
  • Working knowledge of Microsoft Windows and Unix/Linux operating environments
  • Basic programming and scripting skills (Bash, Perl/Python, Java/C/C++, Javascript)
  • Willingness to provide on call support for critical production issues
  • Experience with network traffic collection and analysis tools and techniques
  • Knowledge of application attack vectors from OWASP Top 10 list including injection, Cross Site scripting, XSRF, etc
  • Knowledge of various open source security tools such as network and vulnerability scanners, proxies, fuzzers etc
  • Port scan and Vulnerability scanning techniques (should have hands on experience)
  • Willingness to engage “hands-on” from inception to complete and audit to security infrastructures deployment
  • Operational knowledge of system and network security engineering best practices and architecture
  • A solid understanding of frameworks such as ISO 27001/27002 and/or PCI-DSS

Nice to Have Skills/Qualifications:

  • Experience working in a diversified, virtual environment
  • Administrational tool development and maintenance
  • Hands-on experience in pen testing (infrastructures and web/mobile applications), malware analysis and source code auditing
  • Knowledge of commercial I&AM suites (Oracle or CA)
  • Certifications such as CISSP, CISM, GIAC-GCIH, ISO 27001 LA

Languages:

  • Fluent Italian and English

What we do


SERVING AS A TRUSTED SECURITY PARTNER TO GLOBAL ORGANIZATIONS IN BOARDROOMS, CONTROL ROOMS AND EVERYWHERE IN BETWEEN
We know there’s no finish line in securing your organization. That’s why Accenture Security is continuously innovating next-generation services that span the entire security lifecycle.
We don’t believe in one-size-fits-all solutions. Accenture Security has the expertise, global resources and advanced technologies to create integrated, practical services that are specifically tailored to your industry and business goals. Let us help you prepare, prevent, detect, respond and recover – on demand and at a global scale.

What’s in it for you?

Our Accenture professionals receive comprehensive training covering business acumen, technical and professional skills development. You'll also have opportunities to hone your functional skills and expertise in an area of specialization. We offer a variety of formal and informal training programs at a number of levels to help you acquire and build specialized skills faster. Learning takes place both on the job and through formal training conducted online, in the classroom, or in collaboration with company-acknowledged Subject Matter Experts. The sheer variety of work we do, and the experience it offers, provide an unbeatable platform from which to build and further develop your career.

Enjoy challenging and interesting work that requires innovation and creativity. Your entrepreneurial spirit and vision will be encouraged and rewarded, and your success will fuel opportunities for increased impact and rapid career advancement. You’ll also build the deep, valuable industry and functional expertise that will keep you relevant as you grow your career.

Accenture is committed to providing an accessible, inclusive, open and welcoming workplace environment for people with different abilities, backgrounds, lifestyles, sexual orientation, gender identity, needs and expectations to help each person achieve their professional potential.

Our Inclusion & Diversity strategy aims to eliminate all barriers and prejudices. We acknowledge the potential brought by difference and want to make the most of creative and innovative contributions.

Making the most of diversity is at the heart of our value system. By multiplying the value that each individual brings to us with their unique experience, education, opinions and approaches, we build an innovative work environment which is both collaborative and motivational.

Accenture honors it commitments under articles 1 and 18 of Law No. 68/1999 and gives special consideration to candidates in protected categories.

For further information, visit our website: professioni.accenture.it

For information on our Privacy Protection Safeguards (art13 L.196/03) click here.

Accenture is an equal opportunities employer.

Trova un lavoro

Inizia la tua ricerca qui: Inserisci job title, competenza, livello di esperienza o città

RESTA IN CONTATTO

Entra nella Accenture Talent Connection, segui il nostro Careers blog, o registrati per ricevere i job alerts.