Security Operations

Responsibilities

• Detect and respond to cyber security threats to ensure your organization operates securely.
• Partner with the existing internal SOC team across the world and keep the CISO informed about security incidents.
• Act as a liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients, or regulatory bodies.
• Monitor security systems and networks for potential security breaches or incidents.
• Conduct in-depth investigations into security incidents to determine the root cause and extent of the compromise.
• Develop and implement incident response plans and procedures to contain, eradicate, and recover from security incidents.
• Coordinate with cross-functional teams, including IT, legal, and senior management, to respond to and mitigate security incidents.
• Document incident response activities, including findings, actions taken, and lessons learned, for future reference and improvement.
• Provide guidance and mentor junior members on the latest security trends and techniques.
• Stay current with emerging cybersecurity threats, vulnerabilities, and trends to proactively enhance incident response capabilities.
• Define and drive tabletop exercises and simulated incident scenarios to test and improve incident response readiness.
• Carry out tabletop exercises for customers on various incident response scenarios.
• Collaborate with external partners, such as law enforcement and industry peers, to share threat intelligence and best practices.
• Develop incident management plans and procedures, surveying the networks for signs of a breach, and coordinating and executing tabletop exercises to practice, develop plans, policies, and procedures.
• Perform proactive threat hunts to identify threats and assess the state of security controls; work with in-house red teams to detect offensive operations, and capture and action findings.
• Upgrade security systems by monitoring the security environment; identifying security gaps; evaluating and implementing enhancements.
• Proactively identify threats and risk remediation.
• Generate metrics for management as needed. Prepare system security reports by collecting, analyzing, and summarizing data and trends.
• Define and participate in the implementation of on-prem and cloud architecture and security controls.
• Maintain security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.

• 6 10 years of proven experience in security incident response handling, vulnerability management, or penetration testing; a masters degree can be substituted for experience.
• Practical experience with threat detection, monitoring, incident response and implementation, ability to query and write detection rules, and management of security-related technologies (i.e., SIEM (Qradar / Splunk), SOAR, WAF, AV, Firewalls, Internet-facing services).
• Proven experience in cybersecurity incident response, including hands-on experience with incident detection, analysis, and response.
• Experience conducting technical analysis of security events including malware analysis, incident triage, escalation, communication, and digital forensics.
• Excellent analytical and problem-solving skills, with the ability to think critically and make decisions under pressure.
• Effective communication skills, both verbal and written, able to convey technical information to non-technical stakeholders.
• Familiarity with scripting for automation.
• Strong expertise in gathering and condensing threat intelligence into actionable and meaningful communication materials.
• Bachelors degree in information security, information technology, computer science, or related fields.
• Experience in public cloud infrastructure such as Microsoft Azure, GCP, AWS.
• Familiarity with security frameworks and regulatory requirements such as NIST, ISO 27001/2.
• Proven experience with products dealing with vulnerability management services which include Tenable, Qualys, Nexpose, etc.
• Demonstrated understanding of information security concepts, standards, and practices, including but not limited to firewalls, intrusion prevention and detection, TCP/IP and related protocols, device monitoring, and log management and event monitoring/reporting.
• Certifications such as CISM, CEH, GCIA, GCIH, CISSP, or equivalent.
• People management experience is a plus.
• Results-focused and attention to detail.

If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success and the success of our customers. Does your heart beat like ours? Find out here: Core Values

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.

• Hyderabad