SOC Manager
- Sisa Information
- 7 - 12 years
- Bengaluru
- 4 months ago
- Email to a friend
- Report this job
Job Description
Roles and Responsibilities:
- Serve as an escalation point for all Threat Analysts on shift for complex/unusual alerts/cases/requests/incidents.
- Daily review of security alerts/logs with follow-up on any suspicious activity.
- Basic understanding of Forensics / hands on experience of sandboxing
- Hands on experience and rule revisions of security solutions on phishing emails
- Review cases escalated by Threat Analysts to investigate, respond and remediate; Ensure an effective flow of escalated cases; and Conduct quality assurance of cases.
- Mentoring associate team members and contribute to streamlining SOC operations for continuous improvement.
- To ensure an escalate flow of Incident Management System; Assist the team in developing the incident response strategy and then creating and assigning response actions to Threat Analysts as needed.
- Perform investigation of network and hosts/endpoints for malicious activity, to include analysis of packet captures, and assist in efforts to detect, confirm, contain, remediate, and recover from attacks.
- Proactively monitor, identify, and analyze complex internal and external threats, including viruses, targeted attacks and unauthorized access, and mitigate risk to IT systems.
- Work in concert with team members, Information Security engineering, and relevant Subject Matter
- Experts to process, analyze and drive the remediation of identified IT related vulnerabilities Responsible to follow the IT Security Incident Response policies and tools.
- Contribute to Information Security policies, standards, and supporting documentation.
- Root cause analysis, troubleshoot complex issues with existing security and privacy protection protocols.
- Responding to inbound security monitoring alerts, emails, and inquiries from the organization.
- Providing support for Incident Response, including evidence collection, documentation, communications, and reporting.
- Maintaining and improving standard operating procedures and processes
- Responsible for onboarding the clients; both in cloud and on-prem.
Mandatory Skills required for the role:
- Proven work experience as a Technical Support Engineer, Operation, System Admin or similar role.
- Hands on working Experience on any SIEM tool (Qradar /Alien Vault/ McAfee ESM/DNIF).
- 6 months to 1 year of L3 experience and team management is required.
- Team Management and Network Management / Operations Management.
- Good understanding of database, security products (Firewall, IDS/IPS, AV, WAF) and other security products.
Desired Skills:
- Networking concepts
- Information security concepts
- Windows and troubleshooting and domain knowledge
- Linux and troubleshooting and domain knowledge
- Data Analysis
- Data Analytics for Security
Job Classification
Industry: IT Services & ConsultingFunctional Area / Department: IT & Information SecurityRole Category: IT SecurityRole: Cyber SecurityEmployement Type: Full timeContact Details:
Company: Sisa InformationLocation(s): Bengaluru+ View Contact
Keyskills: Incident Response Threat Detection SOC
Fraud Alert to job seekers!
₹ Not Disclosed
Similar positions
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in