Cybersecurity is one of the most critical issues of our generation. No other company has the powerful combination of talent, industry-leading security technology, global reach and cognitive capabilities, powered by Watson, to combat the cybersecurity threats.
Within IBM’s North America Security Service practice, we are constantly seeking security skills that can further enhance the depth and expertise needed by the marketplace.
We have exciting opportunities in IBM Canada Security Services business unit.
We are looking for an experienced security professional to lead the Canada Security Operations Center (SOC) team, consisting of first-line manager(s), Technical Security Analysts and the SOC Infrastructure team. This role is responsible for providing leadership in managing client obligations on all current key accounts and driving positive financial performance where necessary. In addition, this role will work closely with the broader NA team in executing the business strategy to expand the current SOC into a true Regional SOC with 24x7 threat monitoring (L1 & L2) capabilities, catering to local Canadian client requirements and demands while still adhering to global IBM standards.
This individual will have experience in managing a state-of-the-art 24x7 SOC, people management skills and demonstrated ability in hiring talent and building a team of high-performing professionals. The candidate should also exhibit thought leadership, sales leadership and delivery leadership in one or more of the core security domains: Managing SOC Process / Technology / People, Managed SIEM, Managed Firewalls / UTM, Managed Endpoint Security, Incident Management, Security Strategy Risk and Compliance.
The Regional SOC Leader provides leadership & direction to the team in regards to the following:
Delivery (People, Process, Technology), Financial Mgmt
Lead a highly technical team in delivery efforts related to client obligations on existing steady state accounts. Team deliverables include deployment and integration activities, device management, event analysis, service-level reporting, and risk and contingency planning. Support-related responsibilities include day-to-day monitoring, troubleshooting, patch management, access management, and health and availability management of Security Operations infrastructure (Firewalls, IDPS, SIEM, etc.)
Drive improvement in GP where required
Help organize steady state management approaches and teams for client delivery
Act as the escalation point on client sat issues as they arise
Establish strong client relationships in key accounts to help progress the Security Services portfolio
Execute business strategy to expand the SOC to a true 24 x 7 operation.
Develop and administer SOC processes and review their application to ensure that the SOC’s controls, policies, and procedures are operating effectively relative to the predicted effectiveness of the controls
Provide management oversight for the identification, triage and response of events or incidents of apparent security breaches
Produce and review aggregated metrics of SOC performance, efficiency, capacity, and security controls, as well as apparent attacks, breaches, and other pertinent data, before publishing them for executive management review
Confer and collaborate with internal departments that provide SOC services to ensure that appropriate processes, procedures and tools are installed, operating properly, and being monitored and reported
Manage external vendor relationships, hold regular performance reviews to maintain high levels of vendor performance
Improve the operational systems, processes and policies in support of the organization's mission; specifically, support better management reporting, information flow and management, business process and organizational planning
Manage and increase the effectiveness and efficiency of the SOC, through improvements to each function as well as coordination and communication between support and business functions
Play a significant role in long-term SOC strategy and planning, including initiatives geared toward operational excellence
Oversee overall SOC financial management, planning, systems and controls.
Marketing and Sales
Work with solutions and sales teams to provide content to drive deals
Work closely with the solution design teams in developing client presentations and Statement of Works (SOWs) where SOC representation is needed.
Become a recognized leader in the Security Operations Centre space and help drive signings where required
Perform all IBM People Management responsibilities for a diverse team, including Checkpoint goals, performance discussions, career growth / advice, compensation, GDP, promotions, etc.
Develop and maintain personnel training plans
Help establish capability and skills models for the SOC team
Manage shift rotations to accommodate 24 x 7 threat monitoring capability.
Foster collaboration with teams such as sales, Consulting & Systems Integration (C&SI), solution design, portfolio management (PMO, PE/DPE, Contract Mgmt), broader Global MSS teams and the NA Security Services practice
Required Technical and Professional Expertise
English Fluent (Verbal and Written)
Must have Canadian Citizenship or Permanent Resident Card
At least 10 years of experience in Cyber Security
At least 5 years of relevant management expertise in Managed Security Services – Managed SIEM, IDS/IPS, Managed Firewall / UTM, etc.
Knowledge of security technology and solutions – one or more of the following: Fortinet, Checkpoint, Cisco, Juniper, Tripwire, Symantec, F5 & Palo Alto.
Track record of strong leadership
Excellent people management skills, managing a diverse team of security professionals
Proven experience in building high performing teams.
Good technical and troubleshooting ability
Ability to work in a high stress environment
Ability to interact with staff, peers and customers on a technical and professional level.
A thorough understanding of customer service related performance metrics
Experience in crisis management
Preferred Tech and Prof Experience
At least 15 years of experience in Cyber Security
At least 8 years of expertise in Managed Security Services.
At least 5 years of experience managing various security technologies such as Firewalls, UTMs, IDS/IPS, Vulnerability Management Systems (VMS), WAF, Endpoint protection, 2FA, PGP
Proven proficiency in managing (Device and Policy Mgmt) F/W, IDS/IPS, eMail Security, EPP, DLP & SIEM solutions.
At least 5 years of Managed Security Services experience with industry-leading security solutions such as Fortinet, Checkpoint, Cisco, Juniper, Tripwire, Symantec, F5 & Palo Alto.
Industry-recognized security certifications. This can include security methodology (e.g. CISSP, CISA, ITIL, etc.) or vendor-specific (product) certifications (e.g. CCSP, JNCIS-FWV, etc.).
Client facing experience supporting large scale security solutions.
Canada Level 2 Secret Security Clearance
Bilingual – English & French
Security Certification – one of the following: CISM, CRISC, CISSP
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.