EY SOC Shift Leader in All, Oman

Title: SOC Shift Leader

Location: OM-All-Muscat

Job Number: MUS000IK

Job Summary:

EY is seeking a world-leading Security Operations Center (SOC) Shift Leader to join a unique and much-sought-after global team and network of SOCs. The position will be awarded to a passionate and driven individual who wants to join an elite team to make a real difference in protecting some of the world’s leading organizations from the active cyber threat landscape.

The SOC shift leader will be responsible for overseeing daily shift operations and a great team of analysts within the EY SOC, which runs 24 hours a day, 7 days a week. Responsibilities include managing, mentoring, and leading a team of SOC analysts providing cyber security monitoring services to various clients. The position will report to the SOC Manager and work with the SOC project teams, engineers, OT/IoT specialists, technicians and other shift leaders to triage, escalate, and manage responses to security alerts for our clients through its cyber security monitoring services. The shift leader will be the lead decision maker within the operations center and will help identify, assess and coordinate communication and response to security-related incidents and crisis management issues.

Key Responsibilities:

  • Manage a team of passionate and driven security professionals, provide the team with a vision of project objectives, and coach and help develop team members

  • Coordinate with all team members to ensure the EY SOC is functionally staffed at all times

  • Analyze security incidents and provide timely resolution to the respective stakeholders

  • Prepare operational documentation for operational teams on the use of security solutions

  • Handle escalations and work as an L3 analyst for the remediation of security incidents

  • Review security control logs/alerts and findings, and perform network analysis for malicious activity

  • Handle vulnerability management, coordinate with various stakeholders and help them with remediation

  • Ensure all technicians are aware of and properly adhere to procedures and Service Level Agreements

  • Train resources on new processes and provide regular updates

  • Identify and assist the supervisor in improving employee engagement

To qualify, candidates must have:

We are looking for Cyber Security Operations Centre Professionals with capability and experience in some of the following areas:

  • Excellent teamwork skills, passion and drive to succeed and combat cyber threats

  • Leadership capabilities and experience to motivate a diverse group of individuals, strong interpersonal skills to foster a team environment, and the ability to create and implement action plans

  • Ability to lead and motivate teams in a dynamic, mission-critical operations environment

  • Previous supervisory experience in leading a SOC shift team

  • Good knowledge of SIEM technologies and platforms such as Splunk, Arcsight, QRadar or others – from an Analyst’s point of view

  • Good knowledge and experience of Security Monitoring

  • Good knowledge and experience of Cyber Incident Response

  • Good knowledge and experience of Cyber Threat Intelligence and the role it plays

  • Awareness of big data analytics, dashboards, eGRC and behavioral analysis tools

  • Awareness of Cyber OT and IoT issues

  • Awareness of Attack & Penetration Testing / Ethical Hacking

  • Awareness of Application Security Risk Assessment

Qualifications & Experience:

  • Must have an honors degree in a technical field such as computer science, mathematics, engineering or a similar field

  • 3 years of working in a security or emergency operations center

  • 2 years in a leadership role

  • Must have a proven record of effective leadership capabilities, be innovative and creative when working to solve problems and demonstrate good judgment while under pressure

  • Able to operate autonomously, use discretion when dealing with sensitive information, and apply sound business principles and data analysis to identify problems and initiate actions to address them

  • High-level customer service skills as demonstrated by way of previous work history

  • Ability to work any shift within the 24/7 operation, including holidays and weekends, and/or be on call

  • Experience maintaining metrics and SLAs

  • Demonstrated working knowledge of workplace violence and crisis management (business continuity / emergency response)

  • Willingness to be active in the training, coaching, and development of their team

  • Knowledge / awareness of SIEM technologies and platforms such as Splunk, Arcsight, QRadar or others

  • Network monitoring technology platforms such as Fidelis XPS, RSA or others

  • End point protection tools, techniques and platforms such as CarbonBlack, Symantec, McAfee or others

  • General network knowledge, TCP/IP Troubleshooting

  • Ability to track down an endpoint on the network based on ticket information

  • Familiarity with system log information and what it means

  • Understanding of common network services (web, mail, DNS, authentication)

  • Knowledge of host-based firewalls, anti-malware, HIDS and endpoint security tools

  • In-depth desktop OS and server OS knowledge

  • Strong analytical and problem-solving skills