Security Operations Expert

Security Operations Expert provides the L3 Support and guidance to Security Operations Center (L1/L2) analysts in execution of operations, Investigation, analysis, and cyber event response procedures. Lays out process, procedures and Support in Detailed Investigation with excellent incident management. Performs ad-hoc searches using Security Incident and Event Management (SIEM) (Splunk) Dashboards/ ELK dashboard
- Conduct and lead large complex investigations and Digital Forensics
- Conduct Large scale Threat hunting Campaigns
- Reviewing of Incident Response Plans Audit and Compliance
- Client Escalations handling.
- Providing guidance to Security Operations Center (L1/L2) analysts in execution of operations, Investigation,
- analysis, and cyber event response procedures
- Laying out process and procedures and Support in Detailed Investigation
- Splunk/ELK Platform management, EDR monitoring and reverse investigation, fine - tune the SIEM tools to setup an
- effective information security support / operation.
- Perform ad-hoc searches using Security Incident and Event Management (SIEM) (Splunk) Dashboards/ ELK dashboard
- Work closely with and Escalate the events/incidents to stakeholders and OEMS and MSP
- Undertake ownership of security incident tickets and follow up till closure
- Provide technical Support and Coordination with various teams for Cyber incident response and
- remediation related activities
- Provide effective communication to all stake holders to meet SLAs and contractual requirements
- Document/update playbooks and other operational procedures
- Continuously learn and keep abreast on latest trends in attack patterns and tools
- Develop usecase and finetune alerting
- Establish KPI, review & manage security logs and provide reports based on KPI and metrics.
- Hands - on knowledge of Correlation rules creation / Update / Deletion
- Managing endpoint detection security system.
- Hands on experience on malware analysis.

**Certification & Experience**

**Min 8 years in cyber security operations, 24 X7 Telecom/IT SOC having hands on experience in Incident response, Investigation in a large telecom/ Enterprise IT Environment.**
- BTech (CS/IT/ECE), Bachelor's degree Technical, or equivalent work experience
- CISSP, Any SIEM and EDR(ELK/Splunk/CrowdStrike) certification preferred
- Good understanding of CIS Benchmarking, NIST CSF, Mitre Attack Framework, Cyber Kill chain
- Good understanding of Multi and Diverse Telecom and Infrastructure technology 5G, 4G, Fixed line,
- Windows, Unix, Security tools and Technology,
- Should have good knowledge in Security Devices and logging formats of NG Firewalls, ID/IPS, AV/EDR, NDR.
- Understanding of current trends in attacker and threat actor tools, Cyber Attack techniques, and procedures
- Threat vectors, IOC, Incident management and risk management
- Demonstrating skills on Security incident management, Threat hunting, Vulnerability management,
- End point detection and Response
- Security Certification: CISSP, GIAC ,CEH, Any SIEM and EDR, ELK (Splunk, CrowdStrike ) certification preferred
- Experience in forensic analysis, Packet Analysis tools like Wireshark, TCP Dump etc

**Come create the technology that helps the world act together**

Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people’s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.
We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work

**What we offer**

Nokia offers continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs and highly diverse teams with an inclusive culture where people thrive and are empowered.

**Nokia is committed to inclusion and is an equal opportunity employer**

Nokia has received the following recognitions for its commitment to inclusion & equality:

- One of the World’s Most Ethical Companies by Ethisphere
- Gender-Equality Index by BloombergWorkplace Pride Global Benchmark

At Nokia, we act inclusively and respect the uniqueness of people. Nokia’s employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law.
We are committed to a culture of inclusion built upon our core value of respect.

Join us and be part of a company where you will feel included and empowered to succeed.