
Security Lead Sentinel, Security Operations
5 days ago
Rackspace Cyber Defense
Security Lead, Security Operations

About Rackspace Cyber Defence

Rackspace Cyber Defence is our next generation cyber defense and security operations capability that builds on 20 years of securing customer environments to deliver proactive, risk-based, threat-informed and intelligence-driven security services. Our purpose is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud and multi-cloud workloads. Our goal is to go beyond traditional security controls to deliver cloud-native, DevOps-centric, fully integrated 24x7x365 cyber defense capabilities that deliver a proactive, threat-informed, risk-based, intelligence-driven approach to detecting and responding to threats.

Our mission is to help our customers:
- Proactively detect and respond to cyber-attacks - 24x7x365
- Defend against new and emerging risks that impact their business
- Reduce their attack surface across private cloud, hybrid cloud, public cloud and multi-cloud environments
- Reduce their exposure to risks that impact their identity and brand
- Develop operational resilience
- Maintain compliance with legal, regulatory and compliance obligations

What we're looking for

To support our continued success and deliver a Fanatical Experience to our customers, Rackspace Cyber Defence is looking for a Security Lead for Security Operations. This role is particularly well-suited to a self-starting, experienced and motivated Security Lead who is commercially aware, service-oriented and has a proven record of accomplishment in delivering and managing a security operations centre (SOC). The Security Lead will be the face of Rackspace's security services and responsible for the leadership and management of a multi-disciplinary security operations center (SOC) that serves Rackspace Cyber Defense customers.

Key Accountabilities
- Should have experience of 14 years in SOC and Security Eng.
- Managing a team of first responders as part of a resolver group or pod, you will ensure the customer's operational and production environment remains secure and any threats are raised and addressed promptly. This can include monitoring at both the network and application level.
- Identification of a customer's critical assets using technical tools and interviews.
- Use of, enhancement of, or implementation of new relevant technology tooling to ensure a customer's configuration and security policies are enforced.
- Use of threat intelligence platforms such as OSINT to understand the latest threats.
- Researching and analysing the latest threats to better understand an adversary's tactics, techniques and procedures (TTPs).
- Automation of security processes and procedures to enhance and streamline monitoring capabilities.
- Ensure any reported vulnerabilities are resolved within agreed SLA timeframes.
- In-depth knowledge of each Rackspace customer's environment.
- Providing relevant reporting and analysis, including breach root cause analysis if required, to customers on an agreed frequency.
- Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security etc.
- May be required to work flexible working hours.
- Critical incident handling, closure, and deep investigation and analysis of critical security incidents.
- Post-breach forensic incident analysis, reporting and advanced threat hunting.
- Assist with customer onboarding - loading of feeds etc. to Sentinel.
- Develop custom dashboards and reporting templates, and develop complex to customer-specific use cases.
- Advanced platform administration and solution recommendations for issues.
- Co-ordinate with different teams for issue resolution.

Skills & Experience
- Experience of managing a team of Security Operations Engineers or equivalent.
- Experience of working in large-scale public cloud environments and using cloud-native security monitoring tools such as:
  o Azure Security Centre and Sentinel
  o GCP Security Command Centre, Chronicle
  o AWS Security Hub, including AWS GuardDuty, AWS Macie, AWS Config, AWS Security Lake and AWS CloudTrail
  o Vulnerability Management: Qualys, Microsoft Defender
  o Endpoint Management: CrowdStrike and Microsoft Defender for Point
- Knowledge of security standards (good practice) such as NIST, ISO27001, CIS, OWASP and Cloud Controls Matrix (CCM) etc.
- Experience of security controls, such as network access controls; identity, authentication and access management controls (IAAM); and intrusion detection and prevention controls.
- Adept at analysing malware and email headers, and has skills in network security, intrusion detection and prevention systems, operating systems, risk identification and analysis, threat identification and analysis, and log analysis.
- Computer science, engineering or information technology related degree, although not a strict requirement.
- Holds one or more of the following certificates (or equivalent):
  o Certified Information Security Systems Professional (CISSP)
  o Systems Security Certified Practitioner (SSCP)
  o Certified Cloud Security Professional (CCSP)
  o GIAC Certified Incident Handler (GCIH)
  o GIAC Security Operations Certified (GSOC)
- A highly self-motivated and proactive individual who wants to learn and grow and has an attention to detail.
- A great analyser, trouble-shooter and problem solver who understands security operations, programming languages and security architecture.
- Highly organized and detail oriented. Ability to prioritise, multitask and work under pressure.
- An individual who shows a willingness to go above and beyond in delighting the customer.
- A good communicator who can explain security concepts to both technical and nontechnical audiences.

About Rackspace Technology

We are the multicloud solutions experts. We combine our expertise with the world's leading technologies - across applications, data and security - to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future.

More on Rackspace Technology

Though we're all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.
-
Senior Security Engineer – Microsoft Sentinel
4 weeks ago
India Paramount Computer Systems Full time
Senior Security Engineer – Microsoft Security & Azure Cloud Specialist. Experience: 4+ Years. Role Summary: Experienced Senior Security Engineer with over 4 years of expertise in designing, implementing, and managing advanced Microsoft security solutions including Microsoft Sentinel, Defender for Endpoint (MDE), Defender for Office 365 (MDO), Defender for...
-
Microsoft Sentinel(Tesco)
5 days ago
India Zensar Technologies Full time
Job Title: SOC Platform Engineer. Position Summary: We are seeking a highly skilled SOC Platform Engineer with a strong background in Microsoft Sentinel, Python automation, and notebook-based threat hunting. This individual contributor role is responsible for engineering and optimizing SOC platform capabilities, supporting SOC practice activities, and...
-
L1 Security Analyst
3 days ago
India, Remote (Remote) Kobalt Security Inc. Full time ₹ 9,00,000 - ₹ 12,00,000 per year
About Us: At , our mission is to solve cybersecurity for SMBs at scale. We believe small businesses are the engine behind innovation and growth. Understanding the challenges that our customers have enables us to design and refine scalable cybersecurity services that support a secure path to growth. This is reflected in everything we do from the programs we...
-
Microsoft Sentinel(TESCO)
9 hours ago
India Zensar Technologies Full time ₹ 5,00,000 - ₹ 8,00,000 per year
Job Title: SOC Platform Engineer. Position Summary: We are seeking a highly skilled SOC Platform Engineer with a strong background in Microsoft Sentinel, Python automation, and notebook-based threat hunting. This individual contributor role is responsible for engineering and optimizing SOC platform capabilities, supporting SOC practice activities, and enabling...
-
Security Engineer
2 days ago
India Quess Corp Limited Full time ₹ 9,00,000 - ₹ 12,00,000 per year
Job Description: Azure Sentinel Security Engineer. Skills: Azure Sentinel, KQL Scripting, Onboarding, Playbooks, Workbooks etc. (Mandatory). Experience: 4 - 8 Years (Mandatory). Location: Bangalore. Notice: Immediate (Only for immediate Joiners). Responsibilities: Logging and Auditing: Monitor and audit cloud infrastructure using Azure Sentinel. Automated Workflows:...
-
Security Engineer
1 week ago
India Altered Security Full time
We are looking for talented Security Engineers to join our team. Altered Security is an information security startup with focus on edtech, hands-on learning and focused security assessments. It has offices in India and Singapore. We are experts in information security training, cyber ranges, online labs and security assessments. We have trained more than 40000+...
-
Azure Sentinel
7 days ago
India UST Full time US$ 90,000 - US$ 1,20,000 per year
Required Skills & Qualifications: Bachelor's degree in Cybersecurity, Information Technology, or related field (or equivalent experience). 5 years of experience in a SOC or cybersecurity role. Strong hands-on experience with Microsoft Azure Sentinel and IBM QRadar. Proficiency in writing KQL (Kusto Query Language) for Sentinel and AQL/QRadar rules. Solid...
-
Security Researcher
1 week ago
India Altered Security Full time
We are looking for top Security Researchers (Remote) with demonstrable expertise to join our team of experts. Altered Security is an information security startup with focus on edtech, hands-on learning and focused security assessments. It has offices in India and Singapore. We are experts in information security training, cyber ranges, online labs and security...
-
Security Researcher
5 days ago
India Altered Security Full time
We are looking for top Security Researchers (Remote) with demonstrable expertise to join our team of experts. Altered Security is an information security startup with focus on edtech, hands-on learning and focused security assessments. It has offices in India and Singapore. We are experts in information security training, cyber ranges, online labs and...
-
GSOC - Travel Security Specialist
1 week ago
India MAX Security Full time
Company Profile: Max is a global risk management organization based in Tel Aviv, Israel, and its APAC HQ is based in Mumbai. Led by veterans from Israeli Military Special Forces, Intelligence, Cyber and Secret Services, we operate in 160 countries across the globe. We have capabilities in every continent across the world and carry the experience of 25...