Tata Elxsi is a global design and technology services leader for Automotive, Media, Communications and Healthcare. The Company helps customers reimagine their products and services through design thinking and application of digital technologies such as IoT (Internet of Things), Cloud, Mobility, Virtual Reality, and Artificial Intelligence. Roles and Responsibilities: Overseeing the 24x7x365 Security Operation Centers processes, technology and people who monitor security tools, assess threats, and risks involving client infrastructure and orchestration Lead and manage the Security Operations Center (SOC) team, providing direction, guidance, and support to ensure the team's effectiveness and productivity with In-depth knowledge of security operations, incident response methodologies, and security technologies (SIEM, IDS/IPS, EDR, etc.). Responsible for ensuring that all Managed Service deliverables are produced on time and within strict SLA time frames, while maintaining an innovative growth culture within SOC team. Expected to act as the escalation point for the SOC technical team Managing priorities, providing recommendations and implementing changes to methods/processes. Handle client meetings, point of contact for client requirements, onboard new clients. Manage relationships with our customers in-house operations teams and lead operational interactions/cadence with client management. Provide direction and vision to improve SOCs effectiveness, including motivating people to perform, listening to the team, providing feedback, recognizing strengths, identifying automation opportunities, reducing alert fatigue and providing adequate challenges to staff to maintain innovative growth culture. Oversee the management of our existing Managed Security Operations managed SIEM and EDR solutions, ensuring their optimal performance and effectiveness in detecting and responding to security incidents. Collaborate with the SOC analysts and engineering team to define and implement SIEM rules, alerts, and correlation logic to improve the accuracy and efficiency of threat detection. Develop and implement SOC strategies, policies, and procedures to enhance the organization's security posture and incident response capabilities. Oversee the monitoring and analysis of security events and incidents, ensuring timely detection, investigation, and response to potential threats or vulnerabilities. Taking a proactive role in utilizing Threat Intelligence and Threat Hunting activities, ensuring the SOC is ahead of potential security threats. Establish and maintain relationships with external partners, vendors, and industry peers to stay updated on emerging threats, best practices, and industry trends. Conduct regular assessments and audits of SOC processes, systems, and controls to identify areas for improvement and ensure compliance with regulatory requirements. Develop and deliver comprehensive reports and metrics on SOC performance, including incident trends, response times, and effectiveness. Stay abreast of the evolving cybersecurity landscape, emerging threats, and industry standards, providing recommendations for proactive security measures and continuous improvement of the SOC. Proven expertise in MDR and Managed SIEM, with a strong preference for experience with Leading Market vendors. Strong networking concepts, including an in-depth understanding of TCP/IP protocols, firewall configuration, network segmentation, VPNs, etc. Strong understanding of Threat Intelligence, Threat Hunting, Vulnerability Management, and risk assessment frameworks. Knowledge and hands-on experience of implementation and management of IDS/IPS, Firewall, VPN, and other security products Experience with Opensource Security Information Event Management (SIEM) tools, creating advance co-relation rules, administration of SIEM, system hardening, and Vulnerability Assessment Strong background and expertise on various security technologies including end point security, perimeter security, Advanced threat protection, Security monitoring and security Certifications: CISSP,CISM, CEH, OSCP, or equivalent are highly desirable., ITIL or equivalent
