Security Operations Associate Manager

Job location: Assago, Naples

Regional Description: Italy

Job number: 00497474

- Job description

WE SEEK CYBER TALENTS TO PROTECT THE BUSINESS OF OUR CLIENTS.
JOIN ACCENTURE SECURITY AND DESIGN THE MOST INNOVATIVE CYBER SECURITY SOLUTIONS WITH US.
 
Accenture Security designs and implements the most innovative security solutions to respond to the most complex cyber attacks. Become an Accenture Security professional and ensure a straightforward approach to information security for a real business and technology revolution.

 

SECURITY OPERATIONS ASSOCIATE MANAGER

Milan - Assago, Naples 

 

 
Don’t just follow the rules. Set them.



Position Scope:

IT professional with a consistent track record of leading security teams responsible for supporting highly complex, scalable and reliable security infrastructure solutions as well as monitoring systems and capacity planning processes. As a Security Operations Manager, the candidate must demonstrate effective communication skills as well as technical ability to troubleshoot complex issues across technology boundaries. He/she will provide technical support for full life cycle projects, infrastructure platforms and process efforts. He/she will interface extensively with business partners and various management teams.

Responsibilities for Position:

  • Lead Security Operations team in support of operations and project support activities
  • Lead and mentor team members in order to improve overall skills and capability
  • Identify and manage risks and issues as a subject matter expert for daily operational support and projects
  • Support and lead SOC team in the following tasks:
    o Provide Security Infrastructure management, Security Monitoring and Incident Response, Vulnerability Management and IAM services to clients across all industries and internal projects
    o Perform security incident investigations, determine the cause of the security incident and preserve evidence for potential legal action
    o Perform basic malware analysis and IoC extraction
    o Interface with technical personnel and other teams as required
    o Make recommendations on incident classification, prioritization, containment, eradication and recovery in order to implement appropriate corrective action
    o Design, develop and create correlation rules within the Security Information and Event Management (SIEM) platform
    o Provide Tier II support to customers and respond to and resolve Level II incidents within the agreed SLA
    o Maintain a knowledge base comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations
  • Provide guidance and insight, as well as follow directives as necessary to complete accelerated deployment of the SIEM, IPS/IDS, IAM, Strong Authentication and other security infrastructures
  • Appropriately inform and advise management on incidents and incident prevention
  • Encourage and implement continuous improvement measures on a day-to-day basis
  • Manage the process of gathering, analyzing and assessing the current and future threat landscape
  • Leverage extensive knowledge of communications in a manner that provides business value to the IT Organization
  • Identify, assess, and resolve complex issues/problems within own area of responsibility
  • Improve Incident remediation and prevention processes and procedures
  • Document and conform to corporate and/or client security policies
  • Cooperate in knowledge sharing with the rest of the team and develop solutions efficiently
  • Coordinate or participate in individual or team projects
  • Provide performance metrics as necessary
  • Develop and optimize technical processes and coordinate procedure documentation
  • Provide CISOs/Senior Management with a realistic overview of risks and threats in the enterprise environment
  • Monitor and report on compliance with security policies, as well as the enforcement of policies within the IT departments.
  • Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance
  • Coordinate, measure and report on technical and service (KPI, SLA) aspects of security management
  • Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements
  • Manage and coordinate operational components of incident management, including detection, response and reporting
  • Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk
  • Manage security projects and provide expert guidance on security matters for other IT projects.
  • Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements
  • Ensure security infrastructures are efficiently maintained and monitored
  • Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.

 

What makes the difference
 

Education Requirements:

  • Bachelor’s degree or above in Computer Science, MIS, Engineering, Math, or Business; or relevant experience in some of these fields

Must Have Skills/Qualifications:

  • At least 6 years of experience in Information Security, Risk Management, Infrastructure Security and Compliance
  • 2 to 4 years of Security Operations management experience, leading a security team of 3 to 10 analysts/engineers
  • 2 to 4 years of Security Operations experience, design and troubleshooting in a fast-paced production environment
  • Excellent communication skills interacting with technical and business audiences
  • Strong social skills and a history of building strong relationships with clients
  • Good understanding of concepts and hands-on experience with products such as SIEM (e.g. RSA Security Analytics/HP ArcSight/AlienVault), IPS/IDS, vulnerability management (Nessus/Qualys), antispam, web content filtering
  • Functional knowledge of GRC, I&AM, ITSM, system monitoring and supporting tools
  • Good understanding of Infrastructure Security and its impact on Security Operations, Vulnerabilities, Reporting, Analytics and Monitoring
  • Confirmed documentation skills, including proficiency in creating and maintaining process workflow diagrams
  • Ability to work independently and make appropriate decisions or escalations with minimal supervision in a dynamic team environment
  • Meaningful knowledge of networking and security fundamentals. Complete understanding of the TCP/IP, HTTP, HTTPS and SSL protocols
  • Working knowledge of Microsoft Windows and Unix/Linux operating environments
  • Basic programming and scripting skills (Bash, Perl/Python, Java/C/C++, JavaScript)
  • Willingness to provide on-call support for critical production issues
  • Experience with network traffic collection and analysis tools and techniques
  • Knowledge of application attack vectors from the OWASP Top 10 list, including injection, cross-site scripting, XSRF, etc.
  • Knowledge of various open source security tools such as network and vulnerability scanners, proxies, fuzzers, etc.
  • Port scanning and vulnerability scanning techniques (should have hands-on experience)
  • Willingness to engage “hands-on” from inception to completion and audit of security infrastructure deployments
  • Operational knowledge of system and network security engineering best practices and architecture
  • A solid understanding of frameworks such as ISO 27001/27002 and/or PCI-DSS

Nice to Have Skills/Qualifications:

  • Experience working in a diversified, virtual environment
  • Administrative tool development and maintenance
  • Hands-on experience in pen testing (infrastructures and web/mobile applications), malware analysis and source code auditing
  • Knowledge of commercial I&AM suites (Oracle or CA)
  • Certifications such as CISSP, CISM, GIAC-GCIH, ISO 27001 LA

Languages:

  • Fluent Italian and English

Best People, Best Training & Best Work: start your adventure at the top
 
Find out how to bring your ideas and creativity to life in a young, creative, friendly and dynamic environment. Structured and customized training is designed to help you build your own firmly grounded professional career by developing both technical and management skills.
Become part of a global network renowned for the quality of its people and services, manage complex and challenging projects, and test emerging technologies.
When there are no limits to passion, there is no limit to innovation.
 
Inclusion & Diversity
 
Our Inclusion & Diversity strategy aims to break down all barriers and eliminate prejudice. We are committed to providing an accessible, inclusive, open and welcoming workplace environment for people with different abilities, backgrounds, lifestyles, sexual orientation, gender identity, needs and expectations, helping all individuals to make the most of their professional potential.
We honor our commitments under articles 1 and 18 of Law No. 68/1999 and give special consideration to candidates in protected categories.
 
For further information, visit our website: professioni.accenture.it
For information on our Privacy Protection Safeguards (art. 13 L. 196/03), click here.
Accenture is an equal opportunities employer.
