Cyber Security Operations Lead - ARCO a Family of Construction Companies
St. Louis - Brentwood, MO 63144
About the Job
Do you have a passion for enabling business with secure, top-tier technology? Do you thrive in a fast-paced and ever-evolving environment? Then we have the next career move for you! Who are we? We are ARCO, a Family of Construction Companies.
The Cyber Security Operations Lead acts as a team leader in building and maintaining security operations services, including monitoring and responding to security events. The Cyber Security Operations Lead implements, administers, and monitors security solutions and infrastructure. This includes network security systems, endpoint detection and response (EDR), security information and event monitoring (SIEM) system logging and analysis, application security, endpoint privileged management (EPM), threat intelligence, forensics, identity and access management (IAM), and vulnerability management solutions.
As a senior member of the team, the role requires a strong ability to lead and mentor team members through the strategy directed by senior management. In addition to technical skills, the Security Operations Lead is results-oriented and demonstrates effective problem-solving and communication skills. The Lead Security Administrator often serves as a subject matter expert for technology colleagues and line-of-business managers.
WHAT WE CAN OFFER YOU:
We are dedicated to the well-being of our associates and are proud to be consistently recognized as a Best Place to Work. Our compensation and benefits package not only supports our associates and their families but benefits local communities and communities around the world.
- Industry-leading performance-based bonus program
- 100% company funded retirement contributions
- Traditional and Roth 401k
- Tuition reimbursement for associates
- Scholarship for associates’ children up to $28,000 per child
- 1-month paid sabbatical after every five years of employment, plus $5,000 for travel
- 1-week paid volunteer leave each year
- 100% charitable match
- Medical, dental, and vision insurance coverage
- 100% paid 12-week maternity leave
At ARCO, our first core value is to treat people fairly and do the right thing. We are committed to building and sustaining a culture that supports diversity and inclusion. We are proud to be an equal opportunity employer, and all qualified applicants will receive consideration for employment.
From recruiting, training, and hiring practices to selecting our subcontractors, we understand that diversity of all those involved in the construction process enhances our ability to deliver the best solutions to our customers. We hire the best and the brightest from across the country – constructing a team of experts in architecture, design, engineering, project management, and business services.
A DAY IN THE LIFE:
- Work as a part of a team to deliver, oversee, and guide security operations services required to support ARCO business goals.
- Lead security incident response efforts ensuring they are handled in a timely and effective manner, partnering with other departments as needed.
- Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress or deficiencies requiring additional attention.
- Lead and mentor security associates monitoring and responding to security events and request tickets.
- Identify root causes, prioritize threats, recommend and implement corrective actions.
- Automate repetitive tasks and drive efficiencies so SOC Admin can work on more advanced tasks.
- Evaluate and update security operations policies, procedures, and playbooks as appropriate, ensuring compliance with industry regulations and standards.
- Lead and guide security tool management including the creation and maintenance of security tool documentation and configuration practices.
- Attend and engage in change and project management meetings.
- Remain current with new security threats and assess systems to ensure they can defend and minimize impact to the business.
- Develop metrics and scorecards to measure risk to the organization, as well as effectiveness and efficiency of SOC associates.
- Ensure security training is provided to all employees including phishing training.
- Participate in Security Team activities and perform other duties as assigned.
- At least 5-8 years’ experience in cyber security operations including security monitoring and incident response, system and network security engineering.
- Highly technical and analytical expertise, with a proven background in technology design, implementation and delivery.
- Extensive knowledge and experience administering security controls and technologies, such as SIEM, IDS/IPS, Endpoint Privileged Management (EPM), Secure Internet Gateway (SIG), vulnerability management, security configuration monitoring, firewalls, endpoint detection and response (EDR), threat intelligence, security automation and orchestration, and application controls.
- Experience driving measurable improvement in monitoring and response capabilities.
- Experience with Microsoft Azure or Amazon Web Services (AWS).
- Highly trustworthy; leads by example.
- CISSP; CISM and/or SANS certification a plus.