Vacancy expired!
- Ability to monitor and analyze security events with a Security Information and Event Management (SIEM) platform.
- Focused on enhancements to detection and incident response capabilities and other improvements to SOC workflow/automation/process/documentation.
- Ability to architect security solutions including cyber response automation, threat intelligence, user analytics, security infrastructure technologies, and application/software protections
- Provide management oversight of Incidents and manage shifts.
- Ability to create custom search queries and dashboards.
- Serve as an escalation point for Threat analysts for complex/unusual alerts/cases/requests/incidents.
- Conduct performance reviews and develop growth strategies for direct reports.
- Evaluate gaps and assign training for Threat analysts to ensure consistent quality in response.
- Develop and manage metrics based on operational load, process effectiveness and supportability of the SOC.
- Strong verbal and written communication skills are a must in order to convey complex topics.
- 8+ years of experience in information security incident handling, security operations and threat detection activities.
- Experience with SIEM tools and technologies such as BluSapphire, IBM QRadar, Azure Sentinel, etc.
- Experience in developing custom use cases and fine-tuning correlation rules.
- Deep understanding of cybersecurity threats, vulnerabilities, controls and remediation strategies in complex, federated enterprise environments
- Must be well versed with cyber security management including security controls architecture, incident response preparedness and response, threat intelligence, vulnerability management, and security event analytics and correlation
- Experience leading and advising clients on security, including risk, governance, technology, regulatory drivers, and IT security frameworks and standards such as NIST, ISO and ITIL.
- Understanding of security audit standards
- Understand and articulate market trends and ability to understand the competitive landscape
- Demonstrated experience in building and managing a practice. Ability to work with Security team members as well as communicate with other teams (Hybrid Cloud, Digital Workplace, DevOps, etc.) for integrated security offerings
- Demonstrated knowledge of common adversary tactics, techniques, and procedures.
- Experience with Azure and AWS Cloud technologies
- Must have excellent communication, documentation, and customer facing skills
- Demonstrated ability to increase the effectiveness of a security incident management program.
- A team-focused mentality with the proven ability to work effectively with diverse stakeholders.
- Bachelor's degree in Information Technology, related discipline or relevant work experience.
- Good understanding of information security compliance regulations, frameworks and requirements (PCI, SOX, HIPAA).
- Relevant technical security certifications (GIAC, CISSP, CISM, EC-Council, Offensive Security, etc.) are a plus.