SOC Admin
NMS ConsultantMumbai, IndiaJob Description : -
The Use-Cases Factory worker is responsible for designing, implementing, and managing use-cases within the CyberSOC Detect from the log integration to the incident handling playbook. This role involves creating detection and response mechanisms to identify and mitigate cybersecurity threats, ensuring the organization & digital environment remains secure.
He will interact with various stakeholders who may request compliance, business, or threat use-cases, among others.
The Use-Cases Admin is responsible for :
Develop and deploy use-cases to detect security threats into our SIEM from the log collection to the incident handling playbook. Fine-tune detection rules to minimize false positives and false negatives.
Maintain detailed documentation of use-cases, ensuring transparency and accountability.
Manage execution of standard procedures for the content management, change management and lifecycle management of the use-cases.
Work closely with other IT and security teams to develop specific use cases and to enhance the overall security posture of the organization. Share insights and recommendations to improve overall cybersecurity posture.
Regularly review and update use-cases to adapt to the evolving threat landscape and incorporate new threat intelligence.
Manage reports, dashboards, metrics for CyberSOC KPIs and presentation to senior management & other stakeholders.
Skills
Bachelor's degree in Computer Science, Information Security, EXTC or related field.
Relevant certifications (e.g., CISSP, CCSP, CompTIA Security+) are highly desirable.
Proven experience (3+ years) working within the Cybersecurity field, with a focus on developing and managing use-cases.
Excellent understanding and proven hands-on experience in SIEM / SOAR concepts such as log collection, correlation, aggregation, normalization, parsing, playbooks, layouts.
Experience with Palo Alto XDR and / or other SIEM platforms like Sentinel, Qradar, Splunk, ArcSight, etc.
Experience with Palo Alto XSOAR and / or equivalent SOAR Platforms like Resilient, Phantom, etc.
Proficiency in scripting languages (e.g., Python, Bash) for automation and customization of security processes is highly desirable.
Deep understanding of various cyber threats, attack vectors, and defense mechanisms.
Create a job alert for this search
Soc • Mumbai, India
- Promoted
SOC Admin
NMS ConsultantMumbai, Maharashtra, India- Promoted
IT / Computer security Analyst as Admin Executive
KMM Infotech Solutions Private LimitedKalyan-Dombivli, IN- Promoted
JIRA & Confluence Admin - Ghansoli
Mizuhomumbai, maharashtra, in- Promoted
Chief Information Security Officer
Aimhirethane, maharashtra, in- Promoted
Microsoft channel sales Partner & Center Administrator
Cybertech Systems & Software Limited Thane Wthane, maharashtra, in- Promoted
People & Admin Operations Executive
ASafe GlobalKalyan-Dombivli, IN- Promoted
Billing & Accounts Administrator (AP / AR)
Telelink Business SystemsThane, IN- Promoted
Salesforce Administrator
Quantum Global KidsThane, IN- Promoted
Designated Person Ashore - Company Security Officer
CMA SHIPSKalyan-Dombivli, IN- Promoted
OCI Admin
TekgeminusMumbai, IN- Promoted
Smartsheet Administrator
TrantorKalyan-Dombivli, IN- Promoted
Mendix Admin Any Tech M location
Tech Mahindradombivli, maharashtra, in- Promoted
Administrative Officer
Somerset Exports PVT LTDthane, maharashtra, in- Promoted
Solaris Administrator
Tata Consultancy Servicesmumbai, maharashtra, in- Promoted
- New!
SOC Head
IDFC FIRST Bankmumbai, maharashtra, in
SOC Admin_SG
Trigent Software Private LimitedMumbai, MH, India- Promoted
- New!
Coupa Administrator
YALLO GroupKalyan-Dombivli, IN- Promoted
SOC SME
WTW GLOBAL DELIVERY AND SOLUTIONS INDIA PVT LTD.Mumbai- Promoted
Deployment Officer
SapaadKalyan-Dombivli, IN- Promoted
