Experience
14 to 20 Years
Industry
IT - Software Services
Functional Area
IT
Security Operations Center (SOC) Manager, Bangalore, INDIA Full Time UK Shift.
Prism N/Ws is seeking a Security Operations Center (SOC) Manager. The SOC Manager will be responsible for deploying, maintaining, tuning, monitoring, and managing all aspects of the SOC. The manager establishes and oversees SOC processes and practices to ensure the collection of security-relevant data, the correlation and analysis of this data, and the detection and appropriate response to threats.
1. Day to day management of the SOC team. Over time this may include management and scheduling of shift working in the SOC.
2. Understand the analysis of events using our product EventTracker and reporting to clients.
3. Understand security incidents and the likely impact these will have on business networks and in turn their business operations.
4. Determine appropriate mechanisms for response to security incidents.
This could include:
* Acting as an escalation point for the Security Analysts in event of a Major Security Incident.
* Liaising with the business following a security incident and providing support as necessary until remediation has proved effective.
* Escalating incidents to senior staff in the event that a security incident has a potential wider impact to the business.
5. Run a continual service improvement programme for the security operations centre.
6. Perform Security Incident Response activities, coordinating with other stakeholders, recording and reporting security incidents. Work incidents from inception to remediation.
7. Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analysis of relevant event detail and summary information. Prepare briefings and reports of analysis methodology and results. Create and maintain SOC procedural documentation. Support the on-going threat intelligence and co-ordination activities.
8. Steer work on the design and operation of current and future toolsets that will support the SOC development, as per current understanding of future scenarios; namely alerting, monitoring and reporting.
9. Work on implementation use cases, including integration of EventTracker with devices/applications.
10. Conduct break-fix activities to support and resolve incidents; develop knowledge articles for incident management.
Beneficial:
1. Proven experience in the operation and management of SIEM technologies;
2. Experience in operating and managing Splunk or similar big data forensic technologies.
3. Proven experience in operating SIEM systems in mission critical environments;
4. Should have strong Team/People Management skills.
5. Excellent e-mail etiquette and communication skills.
6. Knowledge of establishing/maintaining a Security Operations Center (SOC).
7. Should be technically very good. Willing to work in US/UK shift.
8. Preferably working in a SIEM domain.
9. Should be good at handling critical issues/client requirements.
10. Ability to work with customers in a professional manner
11. Proven experience of general technology infrastructure technologies and principles
12. Strong leadership qualities and experience.
13. Knowledge and understanding of up to date security threats and common exploits
14. Rudimentary understanding of the underlying protocols and data used as the basis for the security monitoring service, including: HTTP, HTTPS, SQL, TCP/IP, Active Directory
15. Knowledge and experience working with security tools used to monitor business environments (SIEM, netflow, IDS/IPS, Vulnerability Management, AntiVirus etc).
Preferred:
* Previous Tier I/II experience supporting SIEM products and/or advanced security technologies.
* CISSP, MCSE, CCNA, CEH or similar industry-recognized certifications.
If interested, please send across your updated CV to swati@eventtracker.com
Warm Regards,
Swati Bhagat
Associate Manager – Human Resources
Prism Networks Pvt. Ltd., Bangalore
Reachable at: +91-80-26671093
What is EventTracker - http://www.eventtracker.com/eventtracker-intro/
Facebook: https://www.facebook.com/EventTracker
Website - www.eventtracker.com