Job Description
Job Family Descriptor

Key Responsibilities
- Experience with SIEM tools such as ArcSight and LogRhythm SIEM, threat intelligence, malware analysis and incident response
- Experience handling SOC customers in an MSSP/multi-tenant environment
- Responsible for technical administration and troubleshooting of the SIEM, ensuring the solution functions efficiently
- Responsible for incident validation, incident analysis and solution recommendation
- Good knowledge of the implementation, installation, integration, troubleshooting and overall functionality of ArcSight
- ArcSight/LogRhythm/QRadar platform administration and management experience, including platform upgrades
- Experience troubleshooting platform-related issues, data backup, restoration and retention
- Experience creating SIEM content based on the MITRE framework
- Exposure to SOAR, alert aggregation, automation and playbook creation
- ArcSight/LogRhythm rule-base fine tuning, ongoing log source modifications, configuration/policy changes, general SIEM administration and SIEM content development
- Troubleshooting of incidents within the IT security incident response teams of the SOC
- Maintains awareness of new and emerging cyber-attack threats with the potential to harm company systems and networks
- Devises and implements countermeasures to mitigate potential security threats
- Assists with the development and maintenance of IT security measurement and reporting systems to monitor the effectiveness of IT security programs
- Assists with the development, revision and maintenance of Standard Operating Procedures and Working Instructions related to IT security
- Good coordination skills with other teams for faster resolution/completion
- Good to have: threat hunting knowledge
Broad Outline of the Role
- May be an individual contributor or may lead a team through application of deep knowledge of one job area or broad knowledge of several job areas within Network Operations Support
- Operational role responsible for setting objectives and delivering results that have a significant impact within the context of a wider operational area
- Identifies problems and updates or modifies working methods in own role without the benefit of defined procedures
- May provide first-level supervisory management to a work team that includes professional roles; may also supervise technical and administrative staff
- Work group/team focus

Education: Graduate
Experience: 4-8 years

Minimum Qualification & Experience
- BE/B.Tech or equivalent with a minimum of 7-10 years of experience
- Minimum 5 years of work experience in SOC incident handling, incident response, trend analysis, and administration/monitoring of SIEM tools such as ArcSight and LogRhythm SIEM, threat intelligence and malware analysis
- Ability to adapt to and follow processes and guidelines
- Impeccable work ethic and a high degree of integrity
- Good analytical and problem-solving skills
- Able to communicate with technical staff and management
- Flexible to work after office hours and over weekends if required
Employment Category:
Employment Type: Full time
Industry: Telecom / ISP
Role Category: General / Other Software
Functional Area: Not Applicable
Role/Responsibilies: Assistant Manager - Global Network Operations
Key Skills:
ArcSight
Threat Intelligence
Malware Analysis
SOC
Automation
Content Development
Countermeasures
Standard Operating Procedures
Coordination Skills
SIEM Tool
LogRhythm SIEM
Incident Response
MSSP
MITRE Framework
SOAR
Alert Aggregation
Playbook Creation
Rule Base Fine Tuning
Log Source Modifications
Configuration/Policy Changes
SIEM Administration
IT Security Incident Response
Cyber-Attack Threats
IT Security Measurement
Reporting Systems
Working Instructions
Threat Hunting