Security Operations Center

**About **Thentia**

Thentia is a fast-growing, venture capital-backed software as a service (SaaS) company that is emerging as a world leader in government technology with a platform that is transforming and modernizing how regulatory organizations are conducting business. A company of builders, thinkers, and owners, Thentia gives employees the opportunity to create amazing solutions, showcase their talents, and benefit from our shared success as we scale up in the U.S., Canadian, and global markets. Further, Thentia’s solutions directly impact public trust and regulatory integrity, helping regulators and agencies meet 21st century standards by leveraging predictive analytics, Big Data, AI, and other innovative capabilities. Internally, our culture fosters collaboration, inclusivity, intellectual curiosity, and professional development. We lead by our values of customer focus, integrity, accountability, adaptability, achievement, purpose, team work, and authoritativeness.

**About **The Role**

The Security Operations Center (SOC) is the nerve center, a department that actively monitors and protects company assets, data, users, as well as its customers and customer data from active or emerging cyber threats. The SOC is a proactive business function, with reactive capabilities. A leadership position, the SOC Lead works with multiple technology platforms and interfaces with other groups within IT Security Operations, Cloud Engineering, any offshore partners, and other technology and business functions.

The role requires technical competence and experience collaborating with matrixed teams. Additionally, the role requires familiarity with recent threats and adversarial techniques, as well as the ability to quickly understand complex environments. Technical and interpersonal skills are essential to manage risk to the business, interface with other business units and collaborate with other InfoSec analysts. The SOC Lead contributes to the company IT security strategy and roadmap and is an excellent communicator at both the staff and management levels.

The role requires technical competence and a passion to continuously increase knowledge about the core technologies and data flows of the company.

**Responsibilities**
- Provide leadership, direction, and guidance in assessing and evaluating information security risks and monitor team compliance with security standards and appropriate policies.
- Partner with the security engineering, IT, cloud engineering, and development teams to improve tool usage and workflow, as well as with the Red Team to mature monitoring and response capabilities.
- Continuously improve processes involving repetitive tasks and drive efficiencies so analysts can work on more advanced tasks.
- Evolve our Security Operations Centre including SIEM log analytics, incident response, blue-team operations and manage maintain the SOC environment to enable scaling as we begin servicing EU as well as US and Canadian clients.
- Coordinate the vulnerability and configuration monitoring program including assisting with the annual red-team penetration testing and provide management reporting.
- Assess, evaluate, and make recommendations to the VP, Information Security regarding the adequacy of the security controls.
- Assist with disaster recovery/contingency plans and security plans, document computer security and emergency measures policies, procedures, and tests.
- Monitor and report on violations of computer security procedures; discuss enforcement procedures with the VP, Information Security to ensure violations are not repeated.
- Confer with other teams to discuss Security’s involvement in new and existing technology deployments and maintain relationships with those teams.
- Manage the communications with our users to discuss issues such as computer data access needs, security violations, and programming changes.
- Facilitate Security Training to educate all employees and promote security awareness..
- Deliver Security Training to SOC Analysts to help improve their skillset.
- Keep abreast of information security issues and regulatory changes.
- Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position.
- Routinely contribute metrics and cost details to assure sustainability of the Security Operations Center function and the Information Security program
- Deliver other Information Security outcomes as requested by VP, Information Security
- Lead team through incident management following the breach response procedures
- Manage the incident response tripwires, processes, and procedures with improvement from lessons learned guide.
- QA security findings submitted by an Information Security Analyst and to escalate any critical and highs to the VP of Information Security if they are likely to exceed the policy mandated remediation targets
- Provide consolidated report of security findings to the VP, Information Security
- Rev