SOC Manager

Posted: July 6, 2020, 8:22 a.m. - Full Time - Pune

Job Description:

  • Experience in monitoring SIEM solutions and a variety of other security devices found in a SOC environment (e.g. behavioral analytics tools, IDS/IPS, log management tools, and security analytics platforms).
  • Acknowledge and handle incoming security alerts.
  • Use the internal ticketing system and dashboards to update tickets/alerts accordingly and escalate them to the appropriate teams when necessary.
  • Provide threat and vulnerability analysis as well as security advisory services.
  • Develop, update and follow Standard Operating Procedures (SOPs) and playbooks to handle both standard and out-of-band alerts.
  • Report urgent matters to the Incident Response Team quickly and efficiently.
  • Ensure ticket queues always stay within satisfactory limits and that all tickets are updated as per SLAs.
  • Integrate and share information with internal departments and client operations teams.
  • Experience leveraging core security and infrastructure technologies during investigations (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS).
  • Creating and maintaining documentation for security event processing.
  • Other interrelated tasks and responsibilities as assigned.
  • Availability to work on flexible hours, rotating shifts as necessary, working weekends, off-hours, and holidays.

Qualifications & skills

  • Excellent verbal and written communication skills
  • Excellent analytical and problem-solving skills required
  • Intense thirst for knowledge
  • 9-12 years of experience in a SOC
  • Relevant security certifications (e.g. Security+, CEH)
  • Graduate or Master’s Degree

As Manager, additional responsibilities would be:

  • Conduct weekly meetings with key SOC members and the client’s team
  • SLA Assurance and Management
  • Drive KPI improvements in SOC
  • Coordinate with the client’s team to optimize the SOC and define new SOC deliverables.
  • Review and publish monthly and quarterly MIS
  • MIS/KRI – includes the number of incidents, critical incidents, zero-day identifications, and the threat hunting report.
  • Manage the SOC process and technical documentation
  • Establish SOC governance to ensure smooth delivery and SLA compliance
  • Resource/shift planning and assurance
  • Ensure the overall quality of SOC operations.