Assistant Manager - SOC

Responsibilities

24x7 security alert monitoring, triaging and remediation withing SLA.Responsible for analyzing and correlating large data sets to uncover novel threats and attack techniques that may be present within the organization’s Environment.Incident Management.Daily, Weekly and Monthly report preparation.Daily health check of component and solution.He / She will be part of cyber defense center team to identify opportunities to develop analytical methods to detect advanced threat actors who utilize emerging tactics and techniques.In support of these processes, the role will also include developing and documenting new and innovative threat hunt hypotheses to increase the ability to find existing threats that are otherwise going unidentified or unnoticed.The role will be working part of 24x7 Security Operation Center operational and technical teams to gain insight into critical security controls and architectural specifics to develop valuable hunt strategies and analytics that identify malicious behavior accurately while maintaining a low false positive rate.Recognize attacker and APT activity, tactics, and procedures as indicators of compromise (IOCs) that can be used to improve monitoring, analysis, and incident response.Work with key stakeholders to implement remediation plans in response to incidents.Effectively investigative and identify root cause findings then communicate findings to stakeholders including technical staff, and leadership.Author Standard Operating Procedures (SOPs) when needed.Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty.Should be comfortable to be part of 24*7 SOC services, including night shift

Qualifications

Educational qualifications:

Bachelor’s degree relevant to Information Technology, Computer Science/Engineering (or equivalent).Certification desirable Security+, CEH, GCIH, GCIA, GSEC

Experience

Minimum 3+ years in SOC monitoring and incident management.Experience in a technical role in the areas of Security Operation, Incident Response, Detection Engineering, Offensive Security/Red Team, or Cyber Threat Intelligence.Experienced in SIEM (Security Incident and Event Monitoring) processes and Products (e.g., ArcSight SIEM, EDR, CSPM)Experience analysing system, network, and application logging for attack techniques at all stages of the cyber kill chain/MITRE framework.Experience consuming and analysing Cyber Threat Intelligence for actionable takeaways.Ability to navigate and work effectively across a complex, geographically dispersed organization.Deep packet and log analytics.Forensic and Malware AnalysisCyber Threat and Intelligence gathering and analysis.Bachelor’s degree or equivalent experience