Manage multiple shifts of Security Operations Centre Managers performing security event monitoring and incident identification for a 24×7 Security Operations Centre.
Provide tactical and strategic direction for Security Operations Centre staff, including the program development and maturity roadmap.
Validate incidents reported by SOC operators.
Escalate promptly when the alerting SLA is not met.
Identify any incidents missed by SOC operators.
Interact with external parties to resolve queries relating to raised incidents.
Manage the SIEM and the incident knowledge base.
Generate daily, weekly and monthly reports on time.
Maintain the timely delivery of reports.
Maintain up-to-date log baselines.
The security analyst monitors security events from the various SOC entry channels (SIEM, tickets, email and phone) and, based on security event severity, escalates to managed service support teams, Tier 2 information security specialists and/or the customer as appropriate for further investigation and resolution.
Recommend enhancements to SOC security processes, procedures and policies.
Participate in security incident management and vulnerability management processes.
Participate in evaluating, recommending, implementing and troubleshooting security solutions, and in evaluating the IT security of new IT infrastructure systems.
Work as part of a team to ensure that corporate data and technology platform components are safeguarded from known threats.
Communicate effectively with customers, teammates, and management
Provide input on tuning and optimization of security systems
Follow ITIL practices regarding incident, problem and change management
Document and maintain customer build documents, security procedures and processes.
Stay up to date with emerging security threats, including applicable regulatory security requirements.
Other responsibilities and additional duties as assigned by the security management team
Qualifications
Ideal candidates will have as many of the following as possible:
High-level understanding of the TCP/IP protocol suite and the OSI seven-layer model.
Knowledge of security best practices and concepts.
Knowledge of Windows and/or Unix-based systems/architectures and related security.
Intermediate knowledge of LAN/WAN technologies.
Must have a solid understanding of information technology and information security.
Certification in at least one industry-leading SIEM product.
Information security professional designations such as CISSP, CISM or CISA preferred.
3-5 years' previous Security Operations Centre experience conducting security investigations.
Detail oriented with strong organizational and analytical skills
Strong written communication skills and presentation skills
Self-starter, critical and strategic thinker, negotiator and consensus builder
Good knowledge of IT, including multiple operating systems and system administration skills (Windows, Linux).
Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs and enterprise anti-virus products.
Strong understanding of security incident management, malware management and vulnerability management processes
Security monitoring experience with any SIEM technologies and intrusion detection technologies
Experience with web content filtering technology, including policy engineering and troubleshooting.
Strong understanding of networking principles, including TCP/IP, WANs, LANs and commonly used Internet protocols such as SMTP, HTTP, FTP, POP and LDAP.
A Bachelor's degree or diploma in a relevant area of study, with a preference for Information Security, Computer Science or Computer Engineering.
Excellent English written and verbal skills.
Shift work required
After-hours availability required