Architect - Secops

**Position**:
Architect - SecOps

**What you will be doing**:
**Leading SOC Operations**:

- Implement, and optimize SOC architectures and processes to effectively detect and respond to cyber threats.
- Develop and manage advanced security monitoring and SOC response frameworks, leveraging tools such as Microsoft Sentinel and other cloud-native SOC platforms.

**Case Management and Response**:

- Lead and manage critical security events, including complex investigations and forensic analysis.
- Develop and refine SOC playbooks and procedures to ensure efficient and effective resolution or escalation of security events.

**Automation and Integration**:

- Implement and manage Security Orchestration, Automation, and Response (SOAR) solutions to streamline SOC operations.
- Create and optimize automation rules and workflows to enhance incident detection and response capabilities.
- Integrate SOC tools and platforms to ensure seamless data flow and operational efficiency.

**Threat Intelligence and Hunting**:

- Analyze threat intelligence data to identify emerging threats and vulnerabilities and integrate this intelligence into SOC operations.
- Conduct advanced threat hunting activities and develop strategies to proactively identify and mitigate potential threats.

**Team Leadership and Development**:

- Mentor and guide SOC team members, including SOC Level 1 Analysts, providing leadership on complex incidents and security challenges.
- Collaborate with other teams and departments to ensure cohesive and coordinated security efforts across the organization.

**Continuous Improvement**:

- Stay current with the latest cybersecurity trends, threats, and technologies to continuously enhance SOC operations.
- Contribute to the development of new use cases, dashboards, and reporting templates to improve SOC performance and visibility.

**Key Accountabilities**:

- Shift Lead for SOC in maintaining security operations across private, hybrid, and public cloud environments.
- Ensure timely and effective resolution of security events and escalate complex issues as necessary.
- Ensure SOC capabilities with training and skill development that aligns with continuous improvement to handle complex and evolving cyber threats.
- Develop custom parsers and enrichments for improved alert handling.
- Collaborate with vendors and internal teams to resolve security issues and enhance SOC capabilities.
- Maintain compliance with legal, regulatory, and industry standards.

**What we are looking for**:
**Experience**:

- 7-15 years of experience in SOC roles, with a strong focus on SOC event management, threat management, and SOC architecture.
- Proven track record of managing large-scale SOC operations in global environments. Must be a self-starter and motivated to bring more to this role and team than what is directed.

**Technical Skills**:

- In depth experience with cloud-native security tools, including Microsoft Sentinel, Microsoft 365 Defender, and Microsoft Defender for Cloud.
- In depth experience with endpoint detection and response (EDR) including Microsoft Defender for Endpoint.
- In depth experience with identity concepts, including multifactor authentication, authentication protocols, user behaviors.
- In-depth understanding of cloud and endpoint, including malware forensics, browser forensics, cloud forensics, mobile device forensics.
- Advanced knowledge of scripting and automation using languages.
- Experience with SOAR platforms and security automation.

**Certifications**:

- Relevant certifications such as CISSP, CISM, CCSP, GCIH, or GIAC Security Operations Certified (GSOC) are highly desirable.
- Additional certifications in cloud security or incident response are a plus.

**Soft Skills**:

- Strong analytical and problem-solving skills with the ability to handle complex security events.
- Excellent communication skills to articulate security concepts to both technical and non-technical stakeholders.
- Highly organized, detail-oriented, and capable of working under pressure in a dynamic environment.

**Shift Coverage**: Rotational 24x7 shifts.

**Location**:
IN-KA-Bangalore, India (SKAV Seethalakshmi) GESC

**Time Type**:
Full time

**Job Category**:
Information Technology