- Proficient in Incident Management and Response
- Experience in security device management and SIEM
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
- Experience in threat management
- Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix
- Knowledge of applications, databases, middleware to address security threats against the same.
- Proficient in preparation of reports, dashboards and documentation
- Excellent communication and leadership skills
- Experience in performing vendor management
- Ability to handle high pressure situations with key stakeholders
- Good Analytical skills, Problem solving and Interpersonal skills
- Working knowledge and experience with MS office with proficiency in Excel
Roles and Responsibilities:
- Lead and manage Security Operations Center
- Strong experience in team management and project management.
- Primarily responsible for security event monitoring, management and response
- Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
- Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives
- Revise and develop processes to strengthen the current Security Operations Framework, review policies and highlight the challenges in managing SLAs
- Responsible for team vendor management, overall use of resources and initiation of corrective action where required for Security Operations Center
- Management, administration maintenance of security devices under the purview of ITRC which consists of state-of-the art technologies
- Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring
- Responsible for integration of standard and non-standard logs in SIEM
- Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. VP/Mgmt.
- Co-ordination with stakeholders, build and maintain positive working relationships with them
Educational Qualifications:
- Additionally one more certification in information security domain is additional.