Job Description
Title: Security Information and Event Management (SIEM)
Location: Bengaluru
Exp: Minimum 12 year(s) of experience is required
Job Description:
Roles & Responsibilities:
- Expected to be an SME.
- Collaborate and manage the team to perform.
- Responsible for team decisions.
- Engage with multiple teams and contribute on key decisions.
- Expected to provide solutions to problems that apply across multiple teams.
- Facilitate training sessions to enhance team knowledge on security protocols.
- Conduct regular assessments of security measures to identify areas for improvement.
- Act as an incident commander, correlating incidents (IT/OT SOC) to provide investigation direction to L2 SOC.
- Manage critical/high-severity and sophisticated cyber incidents.
- Lead and drive crisis management for security incidents (P1s and P2s), instilling confidence in the client's CISO office through effective containment and remediation strategies.
- Drive post-incident reviews (PIRs) and lessons learned, and propose applicable use cases to enhance detection capabilities after security incidents.
- Stakeholder management, internal and client-side, including handling difficult conversations to reach a win-win outcome.
- Ensure quality and efficiency in incident response by L1/L2 SOC teams.
- Ensure accuracy of SOPs, playbooks, and IR procedures, covering all threat vectors.
- Ensure MITRE ATT&CK coverage and a continuous focus on improving detection capabilities.
- Develop and execute service improvement plans.
- Present SOC service performance to the Customer SOC and GRC Manager on a monthly basis.
- Provide inputs to the Customer Security Engineering Manager on issues, new developments, testing, and implementation for SOAR playbooks and security analytics detection use cases.
- Contribute to the development, maintenance, and standardization of SOC processes, policies, and procedures.
- Participate in cross-partner council meetings to address resolution delays by incumbent partners.
- Engage in breach and attack simulation exercises and tabletop exercises, and drive remediation efforts.
- Define paths for professional advancement (technical and soft skills).
- Execute all responsibilities on a 24/7 basis.