Soc lead

Posted: Jan. 7, 2023, 5:25 a.m. - Full Time - Ahmedabad

Job Title Team Lead-SOC Department Cyber Security

Reporting to Head Cybersecurity Operations Location Ahmedabad

Job Objective

through research, threat simulations, threat hunting, and offensive security engagements.

The position of Incident Response is responsible for leading incident response engagements and activating other

teams in case of critical incidents. This role requires hands-on technical expertise and ability to communicate

effectively. In support of these, candidates with extensive forensics, incident response and cyber security

experience are encouraged to apply.

Roles and Responsibilities

· Providing first line response to customer alerts and ensuring internal security teams are alerted

· Responsible for handling day-to day operations to monitor, identity, triage and investigate

security events from various Endpoint (EDR), Network and Cloud security tools and detect

anomalies, and report remediation actions

· Responsible for detecting and responding to security incidents, coordinating cross-functional

teams to mitigate and eradicate threats

· Responsible for triaging security incidents and conducting response actions to detect, contain

and remediate identified security incidents

· Analyze firewall logs, server, and application logs to investigate events and incidents for

anomalous activity and produce reports of findings

· Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, and

malicious code to identify, contain, eradicate, and ensure recovery from incidents

· Responsible for handling security incidents reported by third parties or external security


· Determine root cause analysis and create post-mortem report for security incidents

· Track security events and incidents in SOAR tool

· Develop and document threat driven response playbooks to support security incidents

· Provide knowledge sharing, mentoring, and support of team members

· Maintain current knowledge and understanding of the threat landscape and emerging security


· Assist in the creation and maintain Autodesk Security Response Centre's process and tools


· Provide support as on-call personal during security incident

· Responsible for working in a 24/7 environment including night shifts and the shifts are decided

based on the business requirement.

· Maintain a high level of confidentiality and Integrity.

· Effectively investigative and identify root cause findings then communicate findings to

stakeholders including technical staff, and leadership

· Author Standard Operating Procedures (SOPs) and training documentation when needed

· Generates end-of-shift reports for documentation and knowledge transfer to subsequent

analysts on duty.

· Should be comfortable to be part of 24*7 SOC services.

Job Requirements

Educational qualifications:

· Bachelor’s degree relevant to Information Technology, Computer Science/Engineering (or equivalent).

· Advanced interpersonal skills to effectively promote ideas and collaboration at various levels of the


· One or more security-related certifications from any of the following organizations: SANS - [GCIH, GCFE,

GCFA], AWS, Azure Cloud security Certifications or equivalent are desired


· 4+ years of cyber security experience in incident response

· Technical depth in one or more specialties including: Malware analysis, Host analysis and Digital forensics

· Strong understanding of Security Operations and Incident Response process and practices

· Experience performing security monitoring, response capabilities, log analysis and forensic tools

· Strong understanding of operating systems including Windows, Linux and OSX

· Experience with SIEM, SOAR, EDR, Network, AWS, and Azure security tools

· Experience with IR and Forensic investigations within Cloud environments such as AWS and Azure

· Experience with one or more scripting languages (PowerShell, Python, Bash, etc.)

· Excellent critical thinking and analytical skills, organizational skills, and the ability to work as part of a team

· Excellent verbal and written communication skills

· Should be comfortable to be part of 24*7 SOC service