Remote Manager Security Operations Center

June 5, 2024

Job Description

The SOC Manager oversees all internal cybersecurity operations and manages the Security Operations Center (SOC) along with its analyst staff. This role involves providing direction to analysts and acting as a liaison to other teams within SIE. It requires a self-motivated individual.

The SOC ensures 24/7 security monitoring, triage, and response globally across SIE. As the primary contact for any suspected security incident, the SOC collaborates with the Incident Response team and other experts to address and mitigate threats across SIE organizations, PlayStation Network, and PlayStation Studios. Key responsibilities include:

  • Leading and mentoring the team, setting and tracking goals for SOC analysts.
  • Ensuring Service Level Agreements are defined, tracked, and met.
  • Developing metrics to monitor and communicate performance, coverage, and risk while staying updated on security regulatory trends and operational requirements.
  • Mentoring SOC Leads and Analysts, sharing knowledge as needed.
  • Driving the growth and expansion of the SOC and evaluating new products for integration.
  • Ensuring Standard Operating Procedures are current and followed.
  • Seeking ways to improve security monitoring and operational tasks.
  • Evaluating and adapting SIEM rules, content, events, and use cases to meet business requirements.
  • Collaborating with external teams to develop operational security policies and standards that align with business objectives and compliance requirements like PCI and SOX.
  • Enhancing reports and presenting them to leadership regularly.
  • Properly handling reports from PlayStation’s public bug bounty program.

Required Experience, Skills, and Knowledge:

  • 3+ years of team management experience and 5+ years in information security, focusing on global (24×7) security operations, incident management, and intrusion analysis.
  • Strong understanding of general cybersecurity concepts and industry-standard security policies.
  • Thorough knowledge of SIEM technologies, such as Splunk ES, and proficiency with case management and ticketing systems.
  • In-depth understanding of cyber attacks, attack vectors, and exploitation methods, along with hands-on experience analyzing logs, network data, and other attack artifacts.
  • Commitment to continuous training and self-study in cybersecurity.
  • Experience with automation development and implementation.
  • Strong leadership and communication skills across distributed and diverse teams.
  • Familiarity with cloud environments like AWS, Azure, GCP, and proficiency with cloud security services.
  • Experience with Endpoint Security, Cloud Security, Network, and Application Security.

Desired Qualifications:

  • Knowledge and experience in Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM), and PCI Security Standards.
  • Bachelor’s degree in Computer Science, Computer Engineering, Information Technology, Cyber Security, Intelligence Studies, or equivalent experience.
  • Certifications such as SANS/GIAC GSOM, GSOC, GCIA, GCIH are a plus, though skill level is more important.

Salary and Benefits:

Estimated salary: $45,000 to $80,000/year

Benefits include:

  • 401(k)
  • Distributed team
  • Asynchronous work
  • Vision, dental, and medical insurance
  • Unlimited vacation and paid time off
  • 4-day workweek
  • 401k matching
  • Company retreats
  • Coworking budget
  • Learning budget
  • Free gym membership
  • Mental wellness budget
  • Home office budget
  • Pay in crypto
  • Pseudonymous
  • Profit sharing
  • Equity compensation
  • No whiteboard interview
  • No monitoring system
  • No office politics
  • Inclusive hiring for all ages