SOC Manager

Hyderabad, Telangana - Secunderabad, Telangana, India

Job Description


Position Details - SOC Manager

As part of its overall expansion, BluSapphire is ramping up its Security Operations Center and is looking for smart, dynamic, passionate and seasoned professionals with a go-getter attitude and client-facing experience to extend the team. As SOC Manager you will own end-to-end responsibility for the SOC team's success. The role requires some overnight, weekend and 24x7 on-call activities after the initial ramp-up period of 60 days. This role reports to the Director - Operations.

Location - Hyderabad
Desired Qualification - B.Tech or BE (Computers) / MCA. Holds at least a couple of the following certifications: CISSP, GCIA, CCNA, OSCP, OSCE.
Experience - 10 - 12 years overall in information security and cybersecurity, with at least 3+ years as a SOC Manager.
Employment Type - Full Time

Job Requirements

The following general attributes are required:
o A team player with the ability to work independently and unsupervised.
o Ability to own delegated tasks and see them through to completion.
o Ability to manage time and prioritize work to maximize productivity.
o Excellent communication skills (both written and verbal).
o Exceptional attention to detail and quality.
o Critical thinking and excellent problem-solving and trouble-analysis skills.
o Good interpersonal skills - clear communication, attentive and careful listening, empathetic behavior, being positive, and supporting the useful ideas and honest efforts of colleagues and his/her reports.

The candidate should have a good knowledge of:
o Cybersecurity concepts.
o Endpoint security concepts, controls and best practices for workstation (e.g. Windows and Mac) and server (e.g. Windows and Linux) operating systems.
o General IT networking concepts, protocols and standards, and network security concepts, controls and best practices.
o Cryptography fundamentals and data security controls and best practices.
o Advanced forensics, malware assessment and threat intelligence.
o Security standards/best practices and frameworks.
o Prior experience in deploying, configuring, managing and/or operating security technologies is preferred, such as endpoint security (e.g. AV/EPP/EDR), SIEM, DLP, SWG, CASB, UEBA, IDS, IPS, firewalls, IAM/PIM/PAM, vulnerability management, MDM, etc.
o Experience working with service providers and network management platforms.
o Customer-facing, with good report-writing skills and strong communication skills at all levels.
o Ability to provide technical and service leadership to L1 and other L2 analysts. Be a thought leader in the SOC.
o Fundamental understanding of programming/scripting.

Job Responsibilities

o Execute ongoing, operational business-as-usual (BAU) tasks to meet management-defined KPIs and SLAs, and deliver security projects in line with management-defined priorities and deadlines.
o Stay current with the latest security news, threats, intelligence, tactics, techniques and vulnerabilities. Research and analyze new threats and vulnerabilities to determine exposure.
o Perform threat hunting, and review, triage, investigate and escalate security alerts raised by security tools, technologies and services (e.g. endpoint security, network security, DLP, SIEM, reported phishing emails, etc.).
o Assist with and/or lead efforts to isolate, contain, respond to and recover from security incidents.
o Identify, review, prioritize, plan, coordinate and follow up on the remediation of vulnerabilities.
o Configure, customize, tune, manage, troubleshoot and maintain security technologies such as SIEM, endpoint security, secure web gateway, CASB, DLP, email security, intrusion detection/prevention systems, etc., to ensure their effective and efficient operation. This may also include scripting, automation and orchestration across the various platforms.
o Define, document and follow approved processes for all the responsibilities included in this job description. Create and maintain documentation for systems, including design and operation.
o Review systems, configurations and processes to ensure, and report on, compliance with BluSapphire policy, client requirements, audit controls, regulations and industry best practices.
o Provide best-practice security recommendations to IT and other teams within BluSapphire, as well as to its partners and clients, based on review results.
o Respond to information security-related inquiries and requests.
o Expertise in vulnerability assessment, penetration testing and forensic analysis.
o Deep analysis of security events/incidents communicated by L1 and other L2 members.
o Handle critical and high-severity incidents/issues on priority and provide a fix along with a root cause analysis.
o Correlate threat intelligence to identify the threat actor, the nature of the attack, and the systems or data affected.
o Define and execute the strategy for containment, remediation and recovery.
o Manage and configure security monitoring tools (advanced).
o Prioritize and triage alerts or issues to determine whether a real security incident is taking place.
o Actively hunt for threats that have made their way into the network, as well as for unknown vulnerabilities and security gaps.
o Use case management, rule tuning and offensive report validation.
o Validate reporting activities and present them to the corresponding partners and clients.
o Proficient in handling client escalations and incident response activities.
o Interact with external parties to resolve queries relating to incidents raised.
o Responsible for managing shift coverage to meet the 24/7 requirement.
o Train L1/L2 via planned knowledge transfer and internal training sessions.
o Management reporting - real-time metrics and scheduled reports.
o Conduct trend analysis on alerts/incidents and use the outputs to tune security tooling and drive process/procedure changes accordingly.
o Ensure the quality of ticketing and runbook maintenance.
o Cultivate and maintain strong vendor relationships.
o Have an attitude of continuous improvement.
o Ensure team members have clear objectives/development plans.
o Align team objectives to OKRs.
o Be the escalation point for security incidents and Security Operations issues.
o Responsible for team development, upskilling and mentoring.
o Provide performance reviews to the SOC team.



Job Detail

  • Job Id
    JD3154450
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type
    Full Time
  • Salary
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Hyderabad, Telangana - Secunderabad, Telangana, India
  • Education
    Not mentioned
  • Experience
    10 - 12 years