SOC Manager

Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it's a place where you can grow, belong and thrive.

Your day at NTT DATA

The Manager, Information Security Incident Response is a management role, responsible for managing the Information Security Incident Response Management team. This role ensures their team is equipped and enabled to detect and monitor threats and suspicious activity affecting the organization's technology domain.

This role serves as the escalation point for incidents workflows and participates in the delivery of security measures through analytics and threat hunting processes.

The Senior Manager, Information Security Incident Response manages a team of security professionals whilst fostering a collaborative and innovative team culture focused on operational excellence.

What you'll be doing

Key Responsibilities:

• 10+ Years of experience in SOC.
• 4+ Years of experience as a SOC Manager.
• 4+ Years of experience in SIEM (Splunk)
• CISM/CISSP Certification is must.
• Good understanding about SOAR/UEBA/NBAD/XDR.
• Strong Exp in EDR and email fishing, Ransomware alerts.
• Troubleshooting technical issues to ensure project success. End-end integration of all soc solutions health check as per the signoff
• Implementing changes to align with Client demands and specifications. Providing guidance, direction, and instructions to the team to achieve specific objectives.
• Developing and executing a timeline for the team to achieve its goals.
• Monitoring incident detection and closure. Presenting regular metrics and reports. Identifying new alert requirements.
• Ensuring services meet SLA parameters.
• Conducting periodic DR drills.
• Following up with departments to close various reports/incidents and escalating long outstanding issues. Designing SIEM solutions to enhance security value, service management, and scalability. 
• Identify, resolve, and conduct root-cause analysis for security incidents which is essential for maintaining a proactive and responsive security posture.
• Develop and document incident response procedures.
• Ensuring the SIEM system is optimized for efficient performance is vital. This includes handling data volume effectively and maintaining responsiveness for timely threat detection and response.
• Align reports SIEM rules and alerts with security policies and compliance reports requirements ensures that the system contributes to overall security and regulatory adherence.
• Developing customized and dashboards provides meaningful insights into the LIC's security posture, aiding in decision-making and monitoring.
• Integration with other solutions/devices (including security solutions) to enhance overall security monitoring and incident response capabilities, creating a more comprehensive security infrastructure.
• Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness.

Academic Qualifications and Certifications:

• Bachelor's degree or equivalent in Information Technology, Computer Science or related field.
• Industry Certifications such as CISSP, CISM preferred.

Required Experience:

• Advanced experience in a Technology Information Security Industry.
• Advanced prior experience working in a SOC/CSIR.
• Comprehension and practical knowledge of the "Cyber Threat Kill Chains".
• Advanced knowledge of Tools, Techniques and Processes (TTP) used by threat actors.
• Advanced practical knowledge of "indicators of compromise" (IOC's).
• Advanced experience with End Point Protection and Enterprise Detention and Response Software.
• Advanced experience or knowledge of SIEM and IPS technologies.
• Advanced experience with Wireshark, tcpdump, Remnux, decoders for conducting payload analysis.
• Knowledge of malware analysis, hacking techniques, latest vulnerabilities, and security trends.
• Preferably an interest, or knowledge of, or experience with SIEM and IPS technologies.
• Advanced knowledge of network technologies including routers, switches, firewalls
• Advanced prior demonstrated experience managing and leading a team in a related field.

Workplace type:

On-site Working

About NTT DATA
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

---