SOC Lead, Security Operations

at Rackspace Technology
  • Remote - India

Remote

Cybersecurity

Senior

Job description

Rackspace Cyber Defense

Security Lead, Security Operations

Shift Timings: 1 pm to 10 pm IST

About Rackspace Cyber Defence

Rackspace Cyber Defence is our next generation cyber defense and security operations capability that builds on 20+ years of securing customer environments to deliver proactive, risk-based, threat-informed and intelligence-driven security services.

Our purpose is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud, and multi-cloud workloads.

Our goal is to go beyond traditional security controls to deliver cloud-native, DevOps-centric, fully integrated 24x7x365 cyber defense capabilities that deliver a proactive, threat-informed, risk-based, intelligence-driven approach to detecting and responding to threats.

Our mission is to help our customers:

•Proactively detect and respond to cyber-attacks – 24x7x365.

•Defend against new and emerging risks that impact their business.

•Reduce their attack surface across private cloud, hybrid cloud, public cloud, and multi-cloud environments.

•Reduce their exposure to risks that impact their identity and brand.

•Develop operational resilience.

•Maintain compliance with legal, regulatory and compliance obligations.

What we’re looking for

To support our continued success and deliver a Fanatical Experience™ to our customers, Rackspace Cyber Defence is looking for a Security Lead for security Operations.

This role is particularly well-suited to a self-starting, experienced, and motivated Security Lead, who is commercially aware, service-oriented, and has a proven record of accomplishment in delivering and managing a security operations centre (SOC.)

The Security Lead will be the face of Rackspace’s security services and responsible for the leadership and management of a multi-disciplinary security operations center (SOC) that serve Rackspace Cyber Defense customers.

Key Accountabilities

•Should have experience of 12 years in SOC and Security Eng.

•Managing a team of first responders, as part of a resolver group (or pod), you will ensure the Customer’s operational and production environment remains secure and any threats are raised and addressed promptly. This can include monitoring at both the network and application level.

•Identification of a customer’s critical assets using technical tools and interviews.

•Use of, enhancement of, or implementation of new, relevant technology tooling to ensure a customer’s configuration and security policies are enforced.

•Use of threat intelligence platforms such as OSINT, to understand the latest threats. Researching and analysing the latest threats to better understand an adversary’s tactics, techniques, and procedures (TTPs).

•Automation of security processes and procedures to enhance and streamline monitoring capabilities.

•Ensure any reported vulnerabilities are resolved within agreed SLA timeframes.

•In-depth knowledge of each Rackspace customer’s environment.

•Providing relevant reporting and analysis (including breach root cause analysis, if required) to customers, on an agreed frequency.

•Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security etc.

•May be required to work flexible working hours.

•Critical Incident Handling & Closure and Deep investigation and analysis of critical security incidents.

•Post-breach forensic incident analysis reporting and Advanced threat hunting.

•Assist with customer onboarding – loading of feeds, etc. to Sentinel.

•Develop custom dashboards and reporting templates and Develop complex to customer-specific use cases.

•Advanced platform administration and Solution recommendations for issues.

•Co-ordinate with different teams for issue resolution

Skills & Experience

•Experience of managing a team of Security Operations Engineers, or equivalent.

•Experience of working in large-scale, public cloud environments and using cloud-native security monitoring tools such as: -  Azure Security Centre and Sentinel o GCP Security Command Centre, Chronical.

oAWS Security Hub including AWS Guard Duty, AWS Macie, AWS Config, AWS Security Lake and AWS CloudTrail

oVulnerability Management: Qualys, Microsoft Defender.

oEndpoint Management: CrowdStrike and Microsoft  Defender for Point.

•Knowledge of security standards (good practice) such as NIST, ISO27001, CIS, OWASP and Cloud Controls Matrix (CCM) etc.

•Experience of security controls, such as network access controls; identity, authentication and access management controls (IAAM); and intrusion detection and prevention controls.

•Adept at analysing malware and email headers, and has skills in network security, intrusion detection and prevention systems; operating systems; risk identification and analysis; threat identification and analysis and log analysis.

•Computer science, engineering or information technology related degree (although not a strict requirement)

•Holds one, or more, of the following certificates (or equivalent): - o Certified Information Security Systems Professional (CISSP) o Systems Security Certified Practitioner (SSCP) o Certified Cloud Security Professional (CCSP)

oGIAC Certified Incident Handler (GCIH) o GIAC Security Operations Certified (GSOC)

•A highly self-motivated and proactive individual who wants to learn and grow and has an attention to detail.

•A great analyser, trouble-shooter and problem solver who understands security operations, programming languages and security architecture.

•Highly organized and detail oriented. Ability to prioritise, multitask and work under pressure.

•An individual who shows a willingness to go above and beyond in delighting the customer.

•A good communicator who can explain security concepts to both technical and nontechnical audiences.

About Rackspace Technology

We are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future.

More on Rackspace Technology

Though we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.

Share this job:
Please let Rackspace Technology know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Latest Jobs at Rackspace Technology

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply