Avp/sr. Manager/ Manager Security Operations Center With Large Private Bank

Year    Mumbai, Maharashtra, India

Job Description


  • Align with the SOC maturity roadmap and assign priorities for implementation.
  • Driving creating use cases for new scenarios and/or fine tuning the existing scenarios.
  • Help create play books in SOAR for various use cases that Tier 1/Tier 2 teams.
  • Provide overall direction for the SOC function and input to the overall cyber defense strategy.
  • Collaborate and create synergies within the cyber team and wider IT function.
  • Ensure SOC function is delivering the core monitoring, threat detection and response activities adhering to the defined SLAs and SOPs.
  • Help drive upskilling of existing SOC team members in new cybersecurity technologies.
  • Continuously monitor the effectiveness of incident detection and response solution and provide improvement inputs to SOC Architecture and Engineering teams.
  • Measure and mature the SOC service SLAs/KPIs from time to time.
  • Continuously work with technology teams to integrate new feeds into SIEM.
  • Broad knowledge of cybersecurity functions beyond traditional SOC operations (e.g. vulnerability management, application security, penetration testing, data protection, identity and privileged access).
  • Working knowledge of incident ticketing platforms
  • Should possess hands on experience of security Information Event Monitoring (SIEM) platforms, Endpoint Detection and Response (EDR) platforms, Network Security Monitoring (NSM)/Network Detection and Response (NDR) platforms and other leading tools and technologies of Cyber Defence domain.
  • Working knowledge of security alert triage and analysis methods (e.g., use of correlations, behaviors, and patterns, pivoting, enriching alert data and providing remediation recommendations)
  • Experience with threat hunting and threat hunting methodologies
  • Experience with cybersecurity incident response coordination and methods
  • Experience integrating cyber threat intelligence with security monitoring processes and threat hunting
  • Knowledge of detection rule logic management (e.g., creation, tuning and management methods)
  • Knowledge of cybersecurity frameworks (e.g., Mitre ATT&CK, VERIS, Cyber Kill Chain, Diamond Model, and other frameworks)
  • Knowledge of cloud infrastructures and cloud security monitoring (Azure, AWS, and GCP)
  • Knowledge of network communication concepts including ports, protocols, and encryption
  • Plan, direct and control the SOC functions and operation
  • Ensure the monitoring and analysis of incidents to protect People, Technology and Process addressing all security incidents and ensuring timely escalation.
  • Direct the Cyber Intelligence capability to identify potential threats delivering strategic reports and strategies to minimise the impact of the threat.
  • Ensuring incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
  • Ensuring compliance to policy, process, and procedure adherence and process improvisation to achieve operational objectives
  • Revising and develop processes to strengthen the current Security Operations Framework, Review policies and highlight the challenges in managing SLAs
  • Responsible for overall use of resources and initiation of corrective action where required for Security Operations Center
  • Ensuring threat management, threat modeling, identify threat vectors and develop use cases for security monitoring
  • Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt.
  • Co-ordination with stakeholders, build and maintain positive working relationships with them
  • Be a thought leader in security engineering and operations delivery - driving automation, analytics, and advanced threat analysis.
  • Oversee technical delivery, assessing and continually improving output and ensuring processes are developed and adhered to drive operational excellence.
  • Benchmark, analyze, report on, and make recommendations for the improvement and growth of the Next Generation infrastructure and systems.
  • Participate in quarterly business reviews with vendors and customers.
  • Manage the deployment, monitoring, maintenance, development, upgrade, and support of all Client managed systems, operating systems, hardware, and software.
  • Keep current with the latest vendor updates, expansion opportunities, and technology directions, utilized in the Clients environment.
  • Collaborate and consult with other Group Managers on the overall advancement of the Emerging Services organization and Optiv in general.
  • Establish operational foundations, defining metrics and KPIs to drive governance, quality, and efficiency. Influence and improve existing processes through innovation and operational change.
  • Manage staffing, including recruitment, supervision, scheduling, development, evaluation, and disciplinary actions.
  • Develop and maintain an educational environment where the knowledge and performance of the group is constantly advancing.
  • Perform annual staff appraisals.
  • Develop and mentor staff through open communication, training and development opportunities, and performance management processes; build and maintain employee morale and motivation.
  • Ensure incident identification, assessment, quantification, reporting, communication, mitigation, and monitoring.
  • Drive the implementation of emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the attack.
  • Implement standards and procedures to ensure alerts are addressed with relevancy, accuracy and in a timely manner
  • Operate autonomously to further investigate and escalate in accordance with policies, procedures and defined processes
Educational Qualification
  • Engineering graduate from Computer Science, IT, Telecommunication or a similar discipline
  • Post-Graduation: PGDIT, MCA, MBA
Key Skills
  • Certification like CISSP, CISA or CISM
  • Ability to handle senior management escalation.
  • Vendor management Skills
  • Effective communication
  • Proficient team leader
  • Strategic skills
  • Decision making and communication.
  • Risk management skills
  • Knowledge of latest cyber security trends & global industry best practices pertaining to financial Industry
  • Technical working knowledge, understanding of SIEM technology, various other security technology (EDR, NDR, HIPS, WAF, IDS, IPS, Firewall, Networking) etc.
Experience
  • Overall 12 - 15 year on experience in Information/Cyber Security experience working in a SIEM tool (Next-Gen SIEM, UEBA, etc.) with strong background in security incident monitoring, response, and operations.
  • Experience in managing 24x7 Cyber Security Operations Center (CSOC) for 5+ years managing teams from Leadership level primarily involved in Cyber Defense
  • Experience in managing 20+ members team which may include vendor teams.
  • Certification like SANS, OSCP/OSCE and CREST will be added advantage (CEH, Security+, OSCP, CISSP or other industry-relevant cyber-security certifications and ITIL V3.0, GIAC (e.g. GCIA, GCFE, GCIH), ISC2 (e.g. CCSP), or EC-COUNCIL (e.g. CEH) preferred. Etc.)

RiverForest Connections

Beware of fraud agents! do not pay money to get a job

MNCJobsIndia.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.


Job Detail

  • Job Id
    JD3443909
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Mumbai, Maharashtra, India
  • Education
    Not mentioned
  • Experience
    Year