Technology Services - Senior Process Manager - Socc Job in Eclerx

Description

The Ideal Experience Map:

Typically requires 8+ years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, systems administration, and over 4-6 years of experience designing and deploying cybersecurity solutions for operations at the enterprise level

Roles and Responsibilities:

• Oversees the planning, execution, and management of cyber command centre operations
• Serves as a subject matter expert (SME) for performing security and threat assessments and preparing mitigation plans
• Manage a team of individuals and vendors to provide support to cyber command center which is built to protect data across the enterprise
• Monitors networks for signs of adversarial activity as a key member of the cybersecurity command centre
• Develops and updates incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats
• Monitoring, analysing, and detecting security events and incidents as per the defined policies
• Manage, tune, and optimise SIEM tool (Alienvault / LogRhythm), which includes evaluating existing rules, filters, events and use cases per the business requirement
• Provide recommendation to optimise security controls such as IDS / IPS, endpoint security, vulnerability management, data loss prevention (DLP) Symantec
• End to end management of DLP or VAPT incidents, tasks and reporting
• Ensure strict implementation of configuration management (Device hardening control)
• Handling escalated security incidents / issues and be responsible for deep dive analysis of escalated incidents, threat hunting and malware analysis
• Identify opportunities for continuous improvement in security operations
• Ensure service level agreements are met and processes are followed

Technical and Functional Knowledge:

• Experience and good knowledge on network security technologies like Firewall, IPS/IDS, SIEM, DDOS, Proxy, WAF, VAPT, IBM App scan, nessus
• Experience and good knowledge on End Point security technologies like Anti-malware, EDR and Data Protection technologies like DLP , Data Encryption and so on
• Knowledge on networking technologies like Router / Switches, load balancer etc.
• Experience in working for Dynamic SOC environments and numerous SOC such as Alienvault, LogRhythm, Sourcefire IPS/ IDS, Cisco AMP, Digital Guardian, Proofpoint
• Experience on VA tools like (Burpsuite pro, NMAP, Metasploit, Wireshark, OWASP ZAP, SQLMAP, Aircrack, Alpha external wireless card, H-Ping)
• Good Network Security knowledge, TCP/IP, Linux, Windows, etc.

People Management and Personality Traits:

• Work with SOC manager for creating new operational guidelines, processes and procedures
• Act as the last point of escalation for SOC team, and assist with handing out work assignments to the team members
• Serve as primary operational contact with client and management in the absence of the manager
• Guide and mentor reporting manager and analysts with investigation and mitigation of security threats and incidents
• Develop and mentor staff by providing opportunity of growth through delegation, training and assignment of various projects
• Strong team player and ability to work in a challenging and constantly changing environment.
• Strong customer focus with an understanding of client expectations
• Strong communication, writing and interpersonal skills
• Proficiency with case management and ticketing systems