  • ID
    #4996370
  • Salary
    TBD
  • Source
    S&P Global
  • Date
    2020-10-09
  • Deadline
    2020-12-07

Vacancy expired!

Responsibilities

• Assist in building a world-class Security Operations team for S&P Global.
• Manage the S&P Global 24/7 Security Operations Team.
• Manage the scoping, containment, remediation, and reporting of incidents.
• Provide guidance on control implementation for post-incident risk reduction.
• Support the ongoing development of the SIEM environment and use case development.
• Support our Cyber Security Incident Response Team.
• Recognize and codify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations.
• Conduct host forensics, network, log analysis, and malware triage in support of incident response investigations.
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences.
• Effectively communicate investigative findings and strategy to stakeholders including technical staff, executive leadership, and legal counsel.

Requirements:

• Previous experience in a financial organization.
• 5 years' experience in Security Operations as a hands-on technical lead.
• 3 years' experience as SOC manager.
• Proficiency in Splunk, searching, alerting, dashboard creation, use case creation and logic tuning.
• Experience with using common EDR tools to investigate and remediate findings.
• Hands-on threat hunting experience.
• Proficiency in reviewing logs, determining threat actor TTPs, investigating incidents and implementing defensive strategies.
• Understanding of the cyber incident lifecycle.
• Proficiency in investigating malicious behavior in on-prem and cloud environments.
• Hands-on experience managing a global 24/7 team.
• Experience with writing and managing IOCs and signatures such as OpenIOC format, YARA, and Snort.
• Demonstrated ability to make decisions on remediation and countermeasures for challenging information security threats.
• Ability to conduct frequency analysis of host system artifacts and analyze patterns of behavior to identify potentially compromised hosts.
• Expertise in analysis of TCP/IP network traffic and communication protocols.
• Experience with a scripting language such as Perl, Python, or other scripting language in an incident handling environment.
• Experience with malware analysis and reverse engineering.
• Experience conducting analysis of electronic media, packet capture, log data, and network devices in support of intrusion analysis or enterprise-level information security operations.
• Experience with advanced computer exploitation methodologies preferred, including analysis tools such as EnCase or FTK.

Soft Skills

• Attention to detail and ability to recognize and resolve discrepancies.
• Strong written and verbal communication skills.
• Self-motivated, enthusiastic, and passionate about Information Security.
• Ability to multi-task and prioritize.

S&P Global is an equal opportunity employer committed to making all employment decisions without regard to race/ethnicity, gender, pregnancy, gender identity or expression, color, creed, religion, national origin, age, disability, marital status (including domestic partnerships and civil unions), sexual orientation, military veteran status, unemployment status, or any other basis prohibited by federal, state or local law. Only electronic job submissions will be considered for employment.

If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person.

The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law.
