SOC Manager – Security Operations Center Manager

Are you proactive and interested in society? Then we think you will thrive with us. Statistics Sweden (SCB) is the country's largest and leading source of knowledge within statistics. Our statistics are used everywhere, at home at the kitchen table, in news reporting, and by decision-makers in the Parliament and Government.

1 position(s).

RESPONSIBILITIES

SCB works actively with IT security, and in connection with one of our most important projects, we have a need to hire a SOC Manager.

As SOC Manager, you are responsible for leading and further developing the agency's Security Operations Center (SOC). The role covers both operational and strategic work, and involves:

• Leading, coaching, and developing the SOC team.
• Ensuring that the SOC has the right processes, tools, and competence to meet current and future cyber threats.
• Responsible for planning, prioritizing, and distributing tasks within the SOC.
• Monitoring the agency's security status by leading the continuous work with log and threat analysis.
• Ensuring efficient detection, classification, and handling of security incidents.
• Initiating and leading major incident investigations together with relevant functions within the agency.
• Following up on incidents and ensuring learning and improvements.
• Driving development within threat intelligence, detection capabilities, and automation of security processes.
• Developing and following up on relevant metrics and reports for the security status.
• Collaborating closely with IT operations, IT security architects, CISO, and other key functions within the agency.
• Participating in collaborations with other agencies, CERT functions, and external partners.
• Ensuring that the SOC's work follows laws, regulations, and guidelines, e.g., NIS2, MSB's regulations on information security, and the agency's internal security policy and procedures.
• Participating in the daily work of SOC technicians.
• Representing the SOC in internal and external forums.

QUALIFICATIONS

We want you to have:

• A university degree in data or systems science, or other relevant education, competence, and experience that we assess as equivalent.
• Good command of Swedish in both speech and writing.
• At least 1 year of experience in security monitoring in SIEM platforms such as Splunk, Sentinel, Elastic, Logpoint.
• At least 1 year of experience in understanding and leading work within incident management, threat analysis, and threat intelligence, detection techniques, rules, playbooks, and automation of security processes.
• At least 1 year of experience in working with network security, log management, and endpoint protection.
• Experience in leading teams within IT or security work.
• Skilled in driving improvement work and following up on results through metrics and KPIs.

Meritorious if you also have:

• Certifications within IT security.
• Good understanding of relevant regulations such as the Cyber Security Act, MCF's regulations on information security, Public Access to Information and Secrecy legislation.

You are self-assured, have good self-insight, and show personal maturity in your way of being. You relate in a way that is adapted to the situation.

You like to take initiative, contribute ideas, and drive the work forward. You will thrive with us if you are curious and proactive.

For this to be a good match for both you and us, it is important that you have a good ability to collaborate. You work well with other people and want to be part of a team where you contribute to your colleagues' well-being and success in their work.

Furthermore, you are structured and can plan, organize, and prioritize your work in an effective way.

You need to have good analytical skills and be able to process and interpret data in a quality-conscious manner. You like to work with complex issues.

Employment type: Permanent position.

This position is located at the IT/SV/VA section in Örebro. Based on the conditions of the business, there is an opportunity to work some time from home.

The employment is permanent and usually begins with a six-month probationary period. We will agree on a start date.

This position is security classified, so we will conduct a security investigation with register check before we make a decision on employment.

At our agency, the competence and potential of all employees are important. We believe in an inclusive culture where we benefit from our diversity and differences. You as a candidate share our approach: courage to act, trust in each other's competence and goodwill, drive to turn words into action, and everyone's responsibility to contribute to the whole.

You apply by registering your CV in Swedish. Attach your degree certificate with course description. Requirements for academic credits not included in a degree must be verified through study certificates/extracts from registers. In your application, you will answer a number of selection questions in our recruitment system, which you will access when you click Apply below. In this recruitment, we will place great importance on your personal qualities. If you have protected personal data, please contact the HR partner via SCB's switchboard.

We look forward to receiving your application!