Posted: July 6, 2020, 8:22 a.m. - Full Time - Pune
- Experience in Monitoring SIEM solutions and a variety of other security devices found in a SOC environment (e.g. Behavioral Analytics tools, IDS/IPS, log management tools, and security analytics platforms.
- Acknowledge and handle incoming security alerts.
- Use the internal ticketing system and dashboards to update the tickets/alerts accordingly and escalating them to the appropriate teams if necessary.
- Provide threat and vulnerability analysis as well as security advisory services.
- Develop/update and follow Standard Operating Procedures (SOP’s) and Playbooks to handle standard and out-of-band alerts.
- Report to the Incident Response Team quickly and efficiently regarding urgent matters.
- Ensure ticket queues are always within satisfactory limits and all tickets are updated as per SLA’s.
- Integrate and share information with internal departments and client operations teams.
- Experience leveraging core security and infrastructure technologies during investigations (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS)
- Creating and maintaining documentation for security event processing.
- Other interrelated tasks and responsibilities as assigned.
- Availability to work on flexible hours, rotating shifts as necessary, working weekends, off-hours, and holidays.
Qualifications & skills
- Excellent verbal and written communication skills
- Excellent analytical and problem-solving skills required
- Intense thirst for knowledge
- 9- 12 years of experience in a SOC
- Equivalent certifications (Security+, CEH)
- Graduate or Master’s Degree
As Manager additional responsibilities would be:
- Conduct weekly meeting with key SOC members and Client’s team
- SLA Assurance and Management
- Drive KPI improvements in SOC
- Coordinate with the Client’s team to optimize SOC and for new SOC deliverables.
- Review and publish monthly and quarterly MIS
- MIS/KRI – includes a number of incidents, critical incidents, zero-day identification, and threat hunting report.
- Manage the SOC process and technical documentation
- Establish SOC governance to ensure smooth delivery and compliance of SLA
- Resource/shift planning and assurance
- Ensure the overall quality of SOC operations.