Senior Security Operations Center

Job Title: Senior Security Operations Center (SOC) Manager

Location: Thane, India

Job Type: Full-Time

Shift: US Shift Hours, Rotational Shift

Department: NOC, SOC & Help Desk

Responsibilities for Senior Security Operations Center Manager

· Manage program and processes to quickly Responsible for SOC strategy.

· Leading and managing the Security Operations and team of security operational staff members

· Primarily responsible for directing security event monitoring, management and response and cyber intelligence.

· Ensuring incident identification, assessment, quantification, reporting, communication, mitigation and monitoring

· Ensuring compliance to policy, process, and procedure adherence and process improvisation to achieve operational objectives.

· Revising and develop processes to strengthen the current Security Operations Framework, review policies and highlight the challenges in managing SLAs

· Responsible for overall use of resources and initiation of corrective action where required for Security Operations Center

· Ensuring daily management, administration & maintenance of security devices to achieve operational effectiveness.

· Ensuring threat management, threat modeling, identify threat vectors and develop use cases for security monitoring.

· Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt. detect, respond, and resolve security incidents.

· Supervise company and managed resources across the globe and coordinate incident management.

· Support and collaborate with multiple teams including NOC, OCC, Security Engineering, IAM, and Incident Response

· Establish and maintain operational SOP’s in support of SOC and security technologies

· Establish and maintain training plans and conduct ongoing training of SOC staff.

· Establish a development program to foster professional advancement of the SOC staff.

· Create specialized dashboards, reports, alerts.

· Develop incident metric program and global incident reporting.

· Conduct critical research related to global events that could potentially impact organization.

· Manages and is responsible for the successful completion of all tasks in assigned program area including technical work, financial and business development activities.

· Develops a deep understanding of operational risks that drive appropriate response protocols that minimize Samaritan’s Purse impact.

· Influences and improve existing processes through innovation and operational change.

·

Qualifications for security operations center manager

· Experience with Data Loss Prevention (DLP) tools including.

· In-depth knowledge of current threat actors, techniques and trends in cyber security

· Knowledge and working experience as a user and/or admin of SIEM technology solutions.

· Six (6) years of information security experience

· Four (4) years of experience working in a Security Operations Center preferred.

· Understanding of security event monitoring concepts and incident response processes

· Ability to handle heavy load on peak period.

· Experience in ticketing systems

· Identifies trends and gaps with existing information security systems and processes.

· Monitors the performance of strategic information security technology providers.

· Bachelor of Science in a technical discipline or equivalent demonstrated experience and knowledge

· Demonstrated cyber incident handling experience to include the application of lessons learned.

· Experience with Data Loss Prevention (DLP) tools.

· In-depth knowledge of current threat actors, techniques and trends in cyber security

· Knowledge and working experience as a user and/or admin of SIEM technology solutions.

· Six (6) years of information security experience(ISMS Understanding)

· Four (4) years of experience working in a Security Operations Center preferred.

· Understanding of security event monitoring concepts and incident response processes

Licensing or Certifications for Security Operations Center Manager

List any licenses or certifications required by the position: CISSP, ITIL, ISO270001, PCI, CISM, GSEC, SIEM, ISSEP, ISSAP, GCIA, SEC503, GCED, CEH,

Skillset:

Various risk management frameworks, Incident management and response activities across the incident life cycle, Analysis, Configuration control technologies, Network monitoring

Security tools and techniques used by Cybersecurity teams to further analyze the impact and exposure to Cyber threats, Threat hunting, TCP/IP communications and how common protocols and applications work at the network level, Troubleshooting, HTTP

Technical Skills:

CrowdStrike, MITAR Attack Framework, Imperva, Cloudflare DNS Protection, SIEM configuration, LionGard, UpGuard, Galactic Scan, O365 Security. Programming and Scripting knowledge, VAPT