Smurfit Westrock plc

Manager II, Cyber Security

Smurfit Westrock plc, Atlanta, Georgia, United States, 30383


Our technology organization is transforming how we work at Smurfit Westrock. We align with our businesses to deliver innovative solutions that:

Address specific business challenges, integrate processes, and create great experiences

Connect our work to shared goals that propel Smurfit Westrock forward in the Digital Age

Imagine how technology can advance the way we work by using disruptive technology

We are looking for forward-thinking technologists who can accelerate our focus areas, such as building stronger foundational technology capabilities, reducing complexity, employing digital transformation concepts, and leveraging disruptive technology.

Location and/or Business/Division Details (if applicable)

Security Operations (SOC) Manager – Atlanta, GA

Position Summary

The Security Operations (SOC) Manager is responsible for all security operations tasks and management of the Security Operations Center to prevent, identify, detect, and respond to threats to WestRock. The SOC Manager will be expected to work alongside the in-house and co-source SOC staff to detect and respond to information security incidents, develop, maintain, and follow procedures for security event alerting, and lead security investigations and incident response. This person will provide general advice and guidance on topics related to information security, threat management, security monitoring, and incident response.

How you will impact WestRock:

Build, staff, lead and manage 24x7 Security Operations Center day to day operations providing technical oversight.

Mentor, train and develop team members in triage and investigation methodologies.

Responsible for performance management and career development of team members

Responsible for expanding the SOC’s capabilities and developing threat intelligence, threat hunting, digital forensics, and improving incident response.

Lead Incident Response efforts in coordination with HR, Legal, Privacy and Corporate Security initiatives and investigations.

Provide oversight for the integration of standard and non-standard logs into the SIEM and continuous creation, review & tuning of SIEM detection rules

Revise and develop processes (SOPs and runbooks) to strengthen the current operational activities; review policies and recommend changes to improve governance

Create reports, dashboards, and metrics for SOC operations and present them to leadership and internal stakeholders

Assist in the design, evaluation, and implementation of new security technologies

Manage any strategic partner engagements to include MSSPs

What you need to succeed:

Minimum of eight (8) years of experience in information security related positions, preferably in event analysis, firewall management, intrusion prevention, threat intelligence, anti-virus management or SIEM management.

3+ years leading SOC and/or Incident Response teams

Experience building and maintaining a security operations center

Experience building and maintaining a high-performance team of analysts

Understanding of SIEM tools such as Splunk, QRadar, LogRhythm, Elastic, etc.

Understanding of endpoint security tools such as Carbon Black, Cybereason, CrowdStrike, etc.

Strong expertise in threat intelligence platforms, SOAR, DLP, and UBA tools

Bachelor’s Degree in Computer Science or a related field of study

Preferred Certifications:

GIAC Certified Incident Handler (GCIH)

GIAC Certified Intrusion Analyst (GCIA)

Certified Information Systems Security Professional (CISSP)

Certified Information Security Manager (CISM)

Strong technical, analytical, interpersonal, communication and writing skills

The ability to explain technical threats to both technical and non-technical audiences

Strong decision-making skills and the ability to exercise composure and professionalism while managing both crisis and non-crisis situations

Expertise in Incident Response, Security Monitoring, and Cyber Threat Intelligence in large, heterogeneous, complex enterprise computing environments.

Proficiency in Python and other programming languages used for malware analysis and tool integration preferred.

Must be an independent self-starter, possess excellent written communication skills, and be able to present complex, technical information to both technical and non-technical audiences.

What we offer:

Corporate culture based on integrity, respect, accountability and excellence

Comprehensive training with numerous learning and development opportunities

An attractive salary reflecting skills, competencies and potential

A career with a global packaging company where Sustainability, Safety and Inclusion are business drivers and foundational elements of the daily work.

Candidates are required to undergo a drug screening after receiving a conditional job offer, but before starting employment.
