Talent.com
Security Operations Center - SOC

Confidential, Mumbai
30+ days ago
Job description

Responsibilities :

  • Cyber Security Event Review & Leadership : Review cyber security events analyzed by Level 2 security analysts and act as the team lead, serving as the escalation point for detection, response, and remediation activities.
  • Monitoring & Guidance : Monitor and guide the team in triaging cyber security events, prioritizing them, and recommending / performing appropriate response measures.
  • Technical Support : Provide expert technical support for various IT teams in response and remediation activities for escalated cyber security events / incidents from L2 analysts and stakeholders.
  • Incident Follow-up & Closure : Ensure all cyber security incident tickets are followed up diligently until full closure.
  • Analyst Guidance & Mentorship : Provide clear guidance and mentorship to L1 and L2 analysts in analyzing events and executing response activities.
  • Incident Response Expediting : Intervene and expedite Cyber incident response and remediation-related activities in case of any delays, coordinating effectively with various teams, including L1 and L2 team members.
  • Policy & Best Practice Review : Review and provide valuable suggestions during the preparation of information security policies and best practices for client environments.
  • SLA & Communication : Ensure that all Service Level Agreements (SLAs) and contractual requirements are met in a timely manner, maintaining effective communication with all stakeholders.
  • Reporting & Dashboards : Review Daily, Weekly, and Monthly dashboard reports and share them with relevant stakeholders, providing clear insights into security posture.
  • Documentation & Playbooks : Review all security-related documents, update playbooks, and maintain other standard operational procedures to ensure accuracy and relevance.
  • System Documentation Validation : Validate client systems and IT infrastructure documentation, ensuring all records are current and accurate.
  • Knowledge Sharing & Threat Intelligence : Share knowledge with team members on current security threats, trends in attack patterns, and new security tools.
  • Use Case Development & Validation : Review and create new use cases based on emerging attack trends. Validate these use cases through selective testing and logic examination.
  • Threat Detection Rule Development : Develop and maintain threat detection rules, parsers, and use cases to enhance the SIEM's detection capabilities.
  • Security Analytics Understanding : Possess a strong ability to understand security analytics and data flows across various SaaS applications and cloud computing tools.
  • SIEM Solution Deployment : Be capable of deploying SIEM solutions in customer environments.

Required Skills :

  • Core SOC Monitoring experience.
  • Proficiency with SOC tools such as FortiSOAR, IBM QRadar, MS Defender, and Cisco Umbrella.
  • Strong experience in analyzing malicious traffic and building detections.
  • Experience in applications security, network security, and systems security.
  • Knowledge of MITRE or similar frameworks and adversary procedures.
  • Expertise with SIEM solutions (Securonix / Splunk / Sumo Logic / LogRhythm / ArcSight / QRadar).
  • Strong communication skills, both written and oral, capable of effectively communicating with internal teams and external stakeholders.
  • Experience working on SMB & large enterprise clients.
  • Good understanding of ITIL processes, including Change Management, Incident Management, and Problem Management.
  • Strong expertise on multiple SIEM tools & other devices found in a SOC environment.
  • Good knowledge in firewalls, IDS / IPS, AVI, EDR, Proxy, DNS, email, AD, etc.
  • Good understanding of raw log formats of various security devices such as Proxy, Firewall, IDS / IPS, and DNS.
  • Solid foundational understanding of networking concepts (TCP / IP, LAN / WAN, Internet network topologies).
  • Knowledge of regex and parser creation.
  • Ability to mentor and encourage junior teammates.
  • Strong work ethic with good time management skills.
  • Coachability and dedication to consistent improvement.
Good to Have :

  • Master's degree.
  • Relevant certifications like CEH, CISA, CISM.
  • Be a key person for developing Thought Leadership within the SOC.
Skills Required :

  • ITIL, Change Management, Incident Management
