About the job: Cyber Operations Manager
Key Responsibilities:
- Apply your knowledge of IT security, security operations, and incident response with a focus in Google Cloud Platform (GCP) specific knowledge to manage and oversee a shift of 24x7 cyber security operations and incident responders. Document processes and procedures comprehensively in the form of playbooks and reference guides.
- Handle and coordinate tasks such as incident management, threat hunting, forensic analysis, and remediation efforts to mitigate threats. Conduct regular assessments to identify vulnerabilities and insecure configurations, and review security change requests to ensure robust protective measures.
- Define and configure security monitoring tools, including alerts, correlation rules, and reporting mechanisms. Implement automation and orchestration to improve the efficiency and effectiveness of security monitoring and response processes, aiming for a unified "single pane of glass" solution.
- Leverage threat intelligence to lead and manage threat monitoring and vulnerability detection, evaluate and respond effectively to events, develop risk severity levels and mitigation approaches, and incorporate feedback and lessons learned into enhanced preventive and detective controls.
- As a subject matter expert, stay updated on the latest security practices and technologies, mentor the team through knowledge-sharing sessions, and build strong relationships with internal tech groups to ensure strategic alignment and foster collaboration.
- Oversee work product(s) and lead small to medium size projects, managing deadlines, expectations, and often contributing to staffing decisions and supervising the work performed by junior staff.
Qualifications:
- Bachelor's degree with 3-8 years of experience in cyber security operations, with strong security knowledge of Google Cloud Platform and relevant certifications such as CISSP and Google Professional Cloud Security Engineer, CCSP, CCSK, GSEC, GCIH, GCFE, GCFA, SC-200, CEH, and AZ-900.
- Both project and operational experience in security monitoring, security operations, and incident response activities; experience implementing processes, including playbooks and
- Experience with scripting or automation, and ServiceNow is a plus.
- Excellent verbal/written communication, collaboration, analytical and presentation skills to lead an environment driven by customer service and teamwork. Experience leading meetings and operating effectively in a matrixed environment.
- Ability to participate in development of resource plans and project estimation.
Key Responsibilities:
- Apply your knowledge of IT security, security operations, and incident response, with particular attention to Google Cloud Platform (GCP) specific knowledge, to manage and supervise a 24/7 cyber security operations shift and incident response staff. Document processes and procedures comprehensively in the form of manuals and reference guides.
- Manage and coordinate tasks such as incident management, threat hunting, forensic analysis, and remediation initiatives to mitigate threats. Conduct periodic assessments to identify vulnerabilities and insecure configurations, and review security change requests to guarantee robust protective measures.
- Define and configure security monitoring tools, including alerts, correlation rules, and reporting mechanisms. Implement automation and orchestration to improve the efficiency and effectiveness of security monitoring and response processes, with the goal of achieving a unified "single pane of glass" solution.
- Leverage intelligence to lead and manage, incorporating threat monitoring and vulnerability detection to evaluate and respond effectively to events, and develop risk severity levels and mitigation strategies, incorporating feedback and lessons learned into improved preventive and detective controls. As a subject matter expert, stay up to date on the latest security practices and technologies, guide the team through knowledge-sharing sessions, and build strong relationships with internal technical groups to ensure strategic alignment and foster collaboration.
- Supervise work products and lead small and medium-sized projects, managing deadlines and expectations, often contributing to staffing decisions and supervising the work of junior staff.
Requirements:
- Bachelor's degree with 3 to 8 years of experience in cyber security operations, with solid knowledge of Google Cloud Platform security and relevant certifications such as CISSP and Google Professional Cloud Security Engineer, CCSP, CCSK, GSEC, GCIH, GCFE, GCFA, SC-200, CEH, and AZ-900.
- Operational and project experience in security monitoring, security operations, and incident response activities; experience implementing processes, including playbooks.
- Experience with scripting or automation, and ServiceNow is a plus.
- Excellent verbal and written communication, collaboration, analytical, and presentation skills to lead an environment driven by customer service and teamwork. Experience leading meetings and operating effectively in a matrixed environment.
- Ability to participate in the development of resource plans and project estimation.
------
Job Description: Incident Handler / Incident Responder (GCP Security)
General Description
We are looking for a highly skilled Incident Handler / Incident Responder with strong expertise in cybersecurity operations and Google Cloud Platform (GCP) security. This role requires hands-on experience in incident management, threat hunting, forensic analysis, and security monitoring, with the ability to document processes and contribute to the continuous improvement of the organization's cyber defense capabilities.
The Incident Handler / Responder will play a critical role in detecting, analyzing, containing, and responding to cyber threats, while collaborating with cross-functional teams to enhance preventive and detective security measures.
Key Responsibilities
- Manage and coordinate incident response activities, including detection, analysis, containment, eradication, and recovery.
- Conduct threat hunting, forensic investigations, and vulnerability assessments to identify and mitigate risks.
- Define and maintain security playbooks, procedures, and reference guides.
- Configure, fine-tune, and monitor security tools (SIEM, SOAR, IDS/IPS, logging, and monitoring systems) for GCP and hybrid cloud environments.
- Implement automation and orchestration to improve efficiency in incident response processes.
- Review and validate security change requests, ensuring robust protection across systems.
- Leverage threat intelligence and vulnerability detection to proactively strengthen security controls.
- Collaborate with internal IT and security teams to align with best practices in cyber defense.
- Stay current with emerging threats, vulnerabilities, and security trends, sharing knowledge with team members.
Qualifications
- Bachelor's degree in Computer Science, Information Security, or a related field.
- 3-7 years of hands-on experience in cybersecurity operations, SOC, or incident response roles.
- Proven knowledge of Google Cloud Platform (GCP) security and cloud-based environments (Azure, AWS is a plus).
- Experience in incident handling, threat hunting, forensic analysis, and security monitoring.
- Familiarity with scripting/automation for incident response (Python, PowerShell, Bash, etc.).
- Experience with ticketing and workflow platforms (ServiceNow preferred).
- Strong communication, analytical, and documentation skills.
- Ability to work in a 24x7 operations environment (shift-based or on-call rotation).
Preferred Certifications
- CISSP, CCSP, CCSK, GSEC, GCIH, GCFE, GCFA, SC-200, CEH, AZ-900, Google Professional Cloud Security Engineer.