Manager, Security Operations Center
Now, more than ever, the Toast team is committed to our customers. We’re taking steps to help restaurants navigate these unprecedented times with technology, resources, and community. Our focus is on building the restaurant platform that helps restaurants adapt, take control, and get back to what they do best: building the businesses they love. And because our technology is purpose-built for restaurants, by restaurant people, restaurants can trust that we’ll deliver on their needs for today while investing in experiences that will power their restaurant of the future.
We’re looking for a technical manager who enjoys solving problems and looks forward to the challenge of building a new department in Toast's security organization. Working with the Application Security and Corporate Security teams, you and your team will complete the Security Triad as the Security Operations Center. You will have the flexibility to build up a largely greenfield team in an organization that has established tools and budget to build a best-of-breed SOC.
This position should expect a mix of hands-on technical work and leadership.
About this roll* (Responsibilities)
- Recruit, lead, and mentor a team of 5+ Security Operations professionals
- Deliver quality security outcomes, drive accountability within the organization, and drive towards continuous improvement
- Prepare metrics, reports, run books, documentation, and tabletop exercises
- Perform vendor management tasks, such as: audit, risk management, compensating controls, and balancing security requirements vs business needs
- Handle high-pressure situations with key stakeholders
- Coordinate with other security and compliance teams to deliver a comprehensive security vision within the organization, and an overall collaborative relationship
- Drive execution of daily, weekly, and monthly metrics for statistical threats and KPIs
- Evaluate existing SIEM rules, filters, events, and use cases, and adapt to meet the business requirements
Do you have the right ingredients*? (Requirements)
- Previous experience building, mentoring, and managing a team of 3+ security professionals
- Deep knowledge and experience in Incident Management and Response
- Knowledge of threats and vulnerabilities associated with application and network security in a cloud environment (AWS).
- In-depth knowledge of current cybersecurity threats and trends, security concepts such as cyber-attacks and techniques, threat vectors, and risk management
- Professional experience in container and DevOps technologies (e.g. Kubernetes, Jenkins, Docker, and OpenShift) as well as hands-on experience with container security platforms (e.g. PrismaCloud).
- Understanding of and experience with Red team/Blue team activities
- Familiarity with the MITRE ATT&CK Framework
- Proven ability to tune correlation rules and outcomes via security information and event management (SIEM / Splunk) and security orchestration, automation, and response (SOAR) platforms
- Familiarity with Linux and Windows capabilities and with network- and host-based forensic processes
- Understanding of intrusion detection systems, web application firewalls, and IP reputation systems
- Strong knowledge of the principles of implementing and operating security technology, and experience with firewalls, multi-level security implementation, security assessment, and monitoring and profiling tools (e.g. IDS/IPS, SIEM, AV, etc.).
*Bread puns encouraged but not required