Soar L3

Job Responsibilities:
- Must Have Skills:

- Playbook, **SOAR** Integration, CEH, SIEM, SOAR, Splunk, Security Operations
- Integrate respective solution / technology with every other solution / technology deployed in the GCSOC setup
- Automation of all L1 & L2 activities within first year,
- Migration of data & logs from currently running SOC to new GCSOC
- Collaborate closely with Technical Account Manager (TAM) and engineering division of the respective OEM for early resolution to the product level cases, vulnerabilities, bugs, features enhancement, patches, versions etc.
- Single point of contact to the Bankʼs stakeholders with respective OEM
- Maintain the suitable architecture of the technology solution
- Perform threat modelling of the Bankʼs assets and accordingly define the necessary use cases - Execute Major changes without any disruption and adverse impact.
- Continuously deliver the value of solution to the Banking terms of detecting all kind threats, accuracy of detection, value added use cases and content development etc.
- Improvise threat hunting capabilities of the technology
- Continuous development of analytical, statistical, mathematical models leveraging AI/ML capabilities of the technology to threat detection and prediction capabilities and put in place advanced use cases
- Continuous fine tuning of configuration, rules, policies etc.
- Continuous innovation and automations in intuitive dashboards, report, queries.
- Optimization of response time to fetch data, logs in advanced queries, reports, dashboards etc. - Closely collaborate with onsite team of bidder and other GCSOC OEMs to leverage each technologyʼs capabilities to develop inter.
- GCSOC and inter-IT Infrastructure technologies& services, logs, data ingestion, correlation, alerting etc. and automation.
- Ensure logs ingestion from SBDL automation of incident, vulnerability etc. remediation through SOAR
- Threat Intel feed analysis, provide appropriate recommendations, define use cases to detect the threats according to the information provided in Threat intel.
- Participate in DR, cyber, tabletop drills etc.
- Responsible for ensuring end to end tight integration of the Bankʼs IT Assets, other GCSOC solutions, Applications etc.
- Provide management report on respective solutions effectiveness.
- Provide necessary support during the Forensics investigation and threat hunting.
- Perform continuous assessment of respective solution maturity against global standards and fine tune the configuration parameters, technical policies, rules, algorithms accordingly.
- Prepare road map for product maturity and enhancements plan and ensure the recommended featured deliver within the agreed times.
- Provide on the job training to the officials of the Bank and bidder through structured and unstructured methods. Assess job knowledge of officials.
- Participate in meetings, discussions etc. to provide technology specific perspective. Make presentations on the current technology capabilities, use cases, automation done etc. and current and future enhancements / roadmap etc.
- Work at GCSOC as per Bankʼs working calendar & hours and on holidays if situation demands.
- Above is illustrative list of general activities. Technology specific activities shall be arrived at in consultation with the Project Manager of the bidder and / or TAM of respective OEM.

**EXPERTISE AND QUALIFICATIONS**

Should have Good knowledge on

1. Network Security

2. End point security

3. Threat intelligence

4. SOAR integration

5. SOAR playbook creation

**Salary**: ₹166,000.00 - ₹233,000.00 per month

Ability to commute/relocate:

- Mumbai, Maharashtra: Reliably commute or planning to relocate before starting work (required)

**Experience**:

- total work: 5 years (preferred)