SOC Alpha

Job DescriptionWe are looking for a highly experienced information security professional to help leading one of the clusters of Synergistic Security Operation Center to monitor security alerts, respond and remediate detected issues, and work with the Incident Management process to remove threats and vulnerabilities within the organization and to assist the SOC team in its mission to secure our customer requirements.

Roles & Responsibilities

• Serve as an escalation point for all Threat Analysts on shift for complex/unusual alerts/cases/requests/incidents.
• Hands on working Experience on any SIEM tool (Qradar /Alien Vault/ McAfee ESM/DNIF).
• Daily review of security alerts/logs with follow-up on any suspicious activity.
• Review cases escalated by Threat Analysts to investigate, respond and remediate; Ensure an effective flow of escalated cases; and Conduct quality assurance of cases.
• Coaching junior team members and contribute in streamlining SOC operations for continuous improvement.
• Experience in Incident Management System; Assist the team in developing the incident response strategy and then creating and assigning response actions to Threat Analysts as needed;
• Perform investigation of network and hosts/endpoints for malicious activity, to include analysis of packet captures, and assist in efforts to detect, confirm, contain, remediate, and recover from attacks.
• Proactively monitor, identify and analyze complex internal and external threats, including viruses, targeted attacks and unauthorized access, and mitigate risk to IT systems.
• Work in concert with team members, Information Security engineering, and relevant Subject Matter Experts to process, analyze and drive the remediation of identified IT related vulnerabilities Responsible to follow the IT Security Incident Response policies and tools.
• Contribute to Information Security policies, standards, and supporting documentation.
• Root cause analysis, troubleshoot complex issues with existing security and privacy protection protocols.
• Responding to inbound security monitoring alerts, emails, and inquiries from the organization.
• Providing support for Incident Response, including evidence collection, documentation, communications, and reporting.
• Maintaining and improving standard operating procedures and processes

Eligibility

Education Requirements:
• Bachelor of Engineering (BE) - Computer Science(CS) / Information Science(IS), Bachelor in Computer Application (BCA), Masters in Computer Application(MCA), Masters of Technology
(M.Tech), Masters in Computer science and Information Science, Masters in Forensic analysis / Cybersecurity
• Certifications: CISSP, SANS GCIH, Security+ Certified Ethical Hacking (CEH), Cisco Certified Network Associate (CCNA) etc.

Preferred Skills:
• Networking concepts
• Information security concepts
• Data Analysis
• Linux and troubleshooting and domain knowledge
• Windows and troubleshooting and domain knowledge
• Exposure to SIEM tools
• Data Analytics for Security

Personal Attributes:
• Excellent verbal and email Communication Skills.
• Strong interpersonal and presentation skills.
• Ability to handle difficult situations effectively.
• Ability to analyze and solve complex issues.
• Able to prioritize and execute tasks in a high-pressure environment.
• Keen attention to detail.
• Experience working in a team-oriented, collaborative environment.
• Flexible and multi-tasking ability, coordinating work effort over numerous projects.

Work Conditions:
• 24/7 shifts applicable; 3 shifts
• Strong ability to work and meet demanding deadlines.
• Ability to function in an ambiguous environment. Ability to work outside normal hours and/or locations.
Some travel may be required for on-site meetings, conferences or training.