Cyber Detection and Response SOC Manager

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. As the Threat Detection & Response Operations Manager in the EY-cyber security team, you will lead Operations/Delivery for TDR engagements with end-to-end security incident investigation support to ensure client SLAs and KPIs are met, leveraging multiple SIEM/EDR/NSM solutions. Your key responsibilities will include overseeing the process of detecting, reporting, and responding to security incidents, ensuring that the SOC team can effectively manage incidents when they occur. You will be responsible for managing the security tools and technologies used by the SOC team and ensuring they are properly configured and maintained to monitor and detect security threats effectively. Additionally, you will lead and manage the Security Operation Centre primarily responsible for security event monitoring of clients" networks and ensure that Service Level Agreements are defined, tracked, and met for all clients. Providing technical leadership and advice to junior team members on SOC activities, revising standard operation policies & procedures as required, identifying opportunities to improve security monitoring and operational tasks, and conveying complex technical security concepts to technical and non-technical audiences including executives are also part of your responsibilities. Developing and maintaining productive working relationships with client personnel, overseeing the daily SOC tasks that can be automated, and providing both a strategic view and benefits to clients while working with limited resources to achieve them are essential aspects of the role. To qualify for this role, you must have a B. Tech./ B.E. degree with sound technical skills, the ability to work in the client's time zone, a strong command of verbal and written English language, demonstrate both technical acumen and critical thinking abilities, strong interpersonal and presentation skills, a minimum of 10 years of hands-on experience of operating/implementing/designing SIEM solutions, and proven experience in Project Management. Certification in any of the SIEM platforms, knowledge of RegEx, Perl scripting, and SQL query language are considered value adds. Certifications such as CISM, CEH, CISSP, GCIH, GIAC, SABSA, TOGAF are also preferred. The ideal candidate for this role will have proven experience in leading operations for SOC projects with hands-on experience in SIEM configuration and setup.,