IT Security Operations Center Lead

Sacramento, California
Amick Brown is looking for an experienced IT Security Operations Center Lead for our direct client in the public sector.

Location: Sacramento, CA
Duration: 1 Year with possible extension

Responsibilities:
  • Build, lead, guide, and motivate the team in a dynamic, rapidly-evolving environment centered around the use of people, process and technology to ensure security and resilience throughout the enterprise
  • Lead and perform threat hunting for malicious activity across the organization's information systems and respond to automated computer security event triggers
  • Coordinate measurement and reporting of SOC performance metrics, and lead ad hoc and formal briefings related to SOC metrics
  • Ensure team members are following protocols to sense, prevent and mitigate threats accurately
  • Provide subject matter expertise in security threat analysis, hunting, detection, and response across information system environments; build IR runbooks and automated workflows
  • Recommend implementation of countermeasures or mitigating controls
  • Directly assist in assessing, developing, and maturing the capabilities of the SOC; including the maturation of people, processes, and technology
  • Generate and build relevant security dashboards, trends, and metrics as needed for the Information Security leadership team to track and communicate performance, coverage, risks, and compliance
  • Ensure all pertinent information is collected so that identification, containment, eradication, and recovery actions can occur in a time-sensitive environment
  • Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business units
Required Skills:
  • Bachelor's degree in Computer Science or related field, or equivalent work experience
  • 4 years of experience in Security Operation Centers or a similar role, with at least 2 years leading and managing all aspects of a Security Operation Center
  • Formal IT Security/Network Certification such as SANS GIAC Certified Intrusion Analyst (GCIA) or SANS GIAC Network Forensic Analyst (GNFA) or SANS GIAC Continuous Monitoring (GMON) or related Degree
  • Candidate must have familiarity with the Cyber Kill Chain, MITRE ATT&CK, and NIST Cybersecurity frameworks
  • Have demonstrated expertise in developing, implementing and managing operations center programs
  • Experience with scripting, preferably with Python/PowerShell
  • Knowledge of common indicators of compromise and of methods for detecting these incidents
  • Knowledge of IT core infrastructure and cybersecurity components/devices
  • Experience monitoring threats via a SIEM console with significant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
  • Knowledge of diverse operating systems, networking protocols, and systems administration, and system forensic investigation techniques
  • Be adept at managing crises; provide front-line leadership in coordinating responses to a myriad of crises
________________________________________________________________________________
 
Amick Brown is an Information Technology consulting company specializing in ERP, Data Analytics, Information Security, Application Development, Networking, and Cloud Computing. The company was founded in 2010 and is headquartered in San Ramon, California.
 
 
Regular full-time employees are eligible for the following Amick Brown provided benefits: 
  • Health
  • Vision
  • Dental
  • 401k with company match
  • Paid time off
  • Sick Leave
  • Short-Term Disability
  • Life Insurance
  • Wellness & Discount Programs