You have an exciting opportunity at EthicalHat Cyber Security Pvt. Ltd. as a Security Operations Center Manager. In this role, you will play a crucial part in managing the Security Operations Center (SOC) and ensuring the effective and efficient operation of security processes. Your responsibilities will include directing the functions, processes, and operations of the SOC to maintain compliance with policies and procedures. You will lead the 24/7 operations of the SOC to ensure timely identification and resolution of security incidents, enhancing client security. Additionally, you will manage the SOC team, including shift scheduling, performance monitoring, and process adherence. As the SOC Manager, you will be responsible for managing the collection, documentation, and research of security incidents received via the SOC. You will provide realistic overviews of risks and threats to the CISO and senior management and develop incident response management programs. Moreover, you will work closely with customers to ensure resolution management and customer satisfaction. Your role will also involve creating reports, dashboards, and metrics for SOC operations, conducting training exercises for staff, and establishing performance goals and priorities. Desired candidates should have at least 4 years of SOC experience and 10+ years of Security Operations management experience. The ideal candidate will possess good knowledge of SIEM concepts and experience with tools such as LogRhythm, Sourcefire, and Cisco AMP. Strong expertise in security operational services, including threat management, cyber investigations, and forensic investigations, is required. Advanced knowledge of information systems security standards and procedures, along with excellent time management and leadership skills, is essential for this role.
If you have 8-12 years of relevant experience, excellent communication skills, and a strong understanding of networking and security fundamentals, we encourage you to apply for this challenging position at EthicalHat Cyber Security Pvt. Ltd.
Role Overview: You will be responsible for monitoring, analyzing, and detecting security events and incidents in the 24x7 SOC environment. Your role will include managing, tuning, and optimizing the SIEM tool (LogRhythm) to meet business requirements. Additionally, you will provide recommendations to the client's security team to enhance security controls, create operational guidelines, processes, and procedures with the SOC manager, and handle escalated security incidents with deep-dive analysis, threat hunting, and malware analysis.

Key Responsibilities:
- Manage, tune, and optimize the SIEM tool (LogRhythm)
- Provide recommendations to optimize security controls such as IDS/IPS, endpoint security, vulnerability management, and DLP
- Work with the SOC manager to create new operational guidelines, processes, and procedures
- Act as the first point of escalation for the SOC team and assist with work assignments
- Handle escalated security incidents and perform deep-dive analysis, threat hunting, and malware analysis
- Identify opportunities for continuous improvement in security operations
- Ensure service level agreements are met and processes are followed
- Guide and mentor L1 and L2 analysts in investigating and mitigating security threats and incidents
- Develop and mentor staff through delegation, training, and project assignments

Qualifications Required:
- More than 5 years of experience in the information security field
- Proficiency in security operations, intrusion detection, and incident handling
- Experience in security monitoring with SIEM technologies such as LogRhythm and Splunk
- Strong team player with the ability to work in a challenging environment
- Knowledge of current and emerging SOC technologies and processes
- Excellent communication, writing, and interpersonal skills
- Strong leadership skills with the ability to prioritize and execute tasks
- Proficiency with case management and ticketing systems
- Experience with various SOC tools such as LogRhythm, Sourcefire IPS/IDS, Cisco AMP, Digital Guardian, Cisco Ironport, Cloudflare, and System Center Endpoint Protection
- Good knowledge of network security, TCP/IP, Linux, Windows, etc.