Cyber Security firm that operates a 24/7 Security Operations Center (SOC) in order to manage the detection and response of cyber security incidents on client networks. The SOC is expanding its capacity across North America. As part of that expansion, there is a new vacancy for a Presales Engineer.
The successful candidate will be able to bridge the gap between commercial and technical operations. Key areas of responsibility for this role include:
- Presentations to potential clients, e.g. explaining managed services.
- Technical scoping to determine scope and pricing.
- Business Intelligence Workshops, to ensure the client network and processes are fully understood prior to on-boarding.
- Client on-boarding, including managing user acceptance milestones.
- Production of high level reports detailing monthly client findings and operations.
- Regular service reviews to ensure client satisfaction.
This is a demanding role that requires operational experience. The role is most suited to an experienced technical person who has started to move in a commercial direction. Initial and ongoing training will be provided to build on the right candidates experience levels.
- Strong written and verbal communication skills, including presentations.
- Commercial awareness.
- Ability to understand scope and requirements.
- Defensive security, including hands on capabilities with at least one major SIEM and EDR product.
- Common enterprise technologies, e.g. Active Directory.
- Network architecture design and comprehension.
- General cybersecurity technical skills and awareness.
- At least five years of recent SOC experience.
- Scoping and commercially modeling security solutions.
- Assessing infrastructure and security risks within a client’s environment.
- Host or network intrusion.
- SOC Toolsets, e.g. LogRhythm or similar SIEM toolsets; Carbon Black, Tenable, etc.
- IDS and IPS, e.g. Snort, Palo Alto, Checkpoint, etc.
- Analysis of Event Logs, Active Directory and permissions-based control systems.
- Windows and Linux Operating Systems and logging requirements.
- Understanding of TCP/IP and underlying network protocols.
The following certification would be considered advantageous for this role.
- CISSP, CISM, or CASP type certifications.
- SIEM or EDR specific certification.
- Cloud vendor certification; especially AWS and Azure.
- Relevant SANS certification.
- Any host or network intrusion certification.
- Any other technical or commercial certification the candidate feels is relevant.
- Higher education degrees, especially BSc and MSc, are desired but not mandatory.