Cyber Operations

Company Description Our Client in India is one of the leading providers of risk, financial services and business advisory, internal audit, corporate governance, and tax and regulatory services. Our Client was established in India in September 1993, and has rapidly built a significant competitive presence in the country. The firm operates from its offices in Mumbai, Pune, Delhi, Kolkata, Chennai, Bangalore, Hyderabad , Kochi, Chandigarh and Ahmedabad, and offers its clients a full range of services, including financial and business advisory, tax and regulatory. Our client has their client base of over 2700 companies. Their global approach to service delivery helps provide value-added services to clients. The firm serves leading information technology companies and has a strong presence in the financial services sector in India while serving a number of market leaders in other industry segments.  Job Description Key Responsibilities:•???Manage and perform day-to-day security monitoring and incident response activities for 24x7 operations, using a thorough understanding of cybersecurity. Use XSOAR skills to enhance workflows, automate processes, and improve efficiency. Identify opportunities for improvement and utilize XSOAR to optimize security operations. •Response activities may include incident response, incident management, driving remediation or threat mitigation, threat hunting, and forensic analysis. Utilize XSOAR to streamline and automate these processes, enhancing security operations` effectiveness. Develop automated playbooks in XSOAR for vulnerability identification and remediation to ensure comprehensive security monitoring coverage.•Serve as a service owner and subject matter expert for XSOAR to enhance delivery and integration. Stay current on information security controls, practices, techniques, and capabilities, focusing on XSOAR advancements. Facilitate skill development for security personnel on monitoring and incident response by mentoring and conducting sessions on using XSOAR for automation and improving efficiency.•Lead efforts to build and maintain effective relationships with multiple internal technology groups, ensuring strategic alignment across teams. Promote collaboration and standardization among these federated technology groups, focusing on shared interests and priorities. Serve as a key subject matter expert for XSOAR, guiding others to achieve organizational goals and objectives. •Leverage intelligence to lead and manage threat and vulnerability monitoring, respond appropriately, and develop risk mitigation strategies. Continuously incorporate learnings into preventive and detective controls. Define security configurations for monitoring tools—alerts, correlation rules, and reporting—using vendor products, services, open-source, and custom utilities.•Implement automation and orchestration to improve efficiency and effectiveness of security monitoring and response processes. Document processes and procedures in the form of playbooks and reference guides. •Integrate processes and technologies, with the objective of a "single pane of glass" for monitoring and comprehensive security response process. •Provide input into business cases and presentations to leadership of proposed security products and studies. Produce operating metrics and key performance indicators. •May oversee work product(s) and lead entire small to medium size projects, managing deadlines, expectations, and often contributing to staffing decisions and supervising the work performed by more junior staff; provide coaching, mentoring and feedback to such individuals and may also serve as a formal performance manager of a team of junior employees. Required Qualifications:•Bachelor’s degree with 5-8 years of experience in Cyber security operations, and demonstratable experience with Palo Alto Cortex or other security orchestration and automation implementation.?•Both project and operational experience in security monitoring, security operations, and incident response activities; preferably within a professional services firm or similar environment. •Experience implementing processes, including playbooks and procedures, defining security monitoring rules, and providing management oversight of security tooling.•Hands on network and administration skills with Linux, Windows, cloud security, Active Directory, SIEM and security infrastructure (e.g. Microsoft Sentinel and related technology stack, such as Microsoft Purview) are relevant.•Excellent English verbal/written communication, collaboration, analytical and presentation skills to lead an environment driven by customer service and teamwork. Experience leading meetings and operating effectively in a matrixed environment. •Ability to participate in development of resource plans and project estimation.Preferred Qualifications: •Experience with Palo Alto Cortex product.•Cybersecurity certifications include but not limited to CISSP, CCSP, CCSK, GSEC, GCIH, GCFE, GCFA, SC-200, CEH, and AZ-900.