SOC Lead

Posted: May 20, 2021, 7:11 a.m. - Full Time - Ahmedabad

• Responsible for working in a 24x7 Security Operation Center (SOC) environment
• Leading a team of 8-12 L1/L2 SOC team members
• Manage and work with the team in implementing SIEM solution
• Responsible for integration of standard and non-standard logs in SIEM
• Fine-tune alerts generated from the SIEM and other related tools, and maintain those tools
• Provide analysis and trending of security log data from a large number of heterogeneous security devices.
• Provide Incident Response (IR) support when analysis confirms actionable incident.
• Analyze and respond to previously undisclosed software and hardware vulnerabilities; investigate, document, and report on information security issues and emerging trends.
• Provide threat and vulnerability analysis as well as security advisory services.
• Lead and manage Security Operations Center
• Primarily responsible for security event monitoring, management and response
• Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
• Ensure compliance with SLAs, process adherence and process improvement to achieve operational objectives
• Revise and develop processes to strengthen the current Security Operations Framework; review policies and highlight the challenges in managing SLAs
• Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Center
• Management, administration and maintenance of security devices under the purview of ITRC, which consists of state-of-the-art technologies
• Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring
• Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt.
• Coordinate with stakeholders and build and maintain positive working relationships with them
• Fine-tune and triage alerts generated from the SIEM and other related tools, and maintain those tools
• Manage security incidents and reporting on a timely basis
• Analyze and validate security threats and recommend appropriate countermeasures to minimize the associated risks
• Analyze threat intelligence feeds and stay abreast of cyber security related risks that may affect customers
• Work with other teams to evaluate, implement and enhance security for infra, hybrid or cloud projects
• Implement and manage SIEM and other security tools
• Manage and monitor ongoing VAPT
• Manage day-to-day SOC team issues and challenges
• Open to work in shifts, if required.
• Ensure that the team is available 24/7 to monitor threats and logs
• Work with IT and development teams in mitigating identified risks and vulnerabilities via VAPT
• Work with management on other ad hoc tasks