Manager - Captive Operations

About The Company

Tata Communications Redefines Connectivity with Innovation and IntelligenceDriving the next level of intelligence powered by Cloud, Mobility, Internet of Things, Collaboration, Security, Media services and Network services, we at Tata Communications are envisaging a New World of CommunicationsOrganisation : Novamesh Ltd (TATA Commununications Ltd)Position : L3,Location Jaipur

Shift : 9x5

Qualification:

B.E./ B.Tech/ MCA/ M.Sc. in Computer Scienceor IT

Position Summary

We are looking for a skilled

Security OperationsSpecialist

with expertise in

SIEM, SOAR, UEBA, and NBAD

technologiesto strengthen our security monitoring, automation, and threat detectioncapabilities. The ideal candidate should have a strong technical background,relevant experience in cyber security, and a proactive attitude toward threathunting and incident response.

Roles And Responsibilities

Cyber threat collection & Analysis, Global Threat FeedTools, SOC Automation, Forensics Artifact handling & Analysis, IncidentResponse, Tradecraft Analysis, Security Consulting & Training,Communicating Emergency Alerts & Warnings to relevant/designatedstakeholders, Perform analysis on the reported incidents, determine the rootcause, recommend the appropriate solution ensure the necessary SOC documentslike operating, procedures, configuration management, Low Level Design, etc.are up to date with the changes made in their respective areas.Work on tickets assigned by L1/L2 for further analysisand ensure timely response and resolution of tickets as per SLA. Maintain MTTRand MTTD.Reporting the security events/ incidents to SOC Manager otherrelevant/ designated stakeholders. Communicating Emergency Alerts &Warnings to relevant/designated stakeholders.Should have knowledge of below technologies

• Experience in SIEM Tool like ArcSight,
  

LogRhythm SIEM, Threat Intelligence, Malware Analysis, Incident Response

• Experience in handling SOC customer in Captive
  

Environment

• Team management experience more than 20+
  

team members, performance measurement experience.

• Experience in handling P1 incident,
  

driving investigation till closure

• Responsible for the technical Administration
  

or troubleshooting in SIEM ensuring the efficient functionality of the solution

• Responsible for Incident Validation,
  

Incident Analysis, Solution Recommendation,

• Good
  

knowledge on implementation, installation, integration troubleshooting and
overall functionalities of LogRhythm/ArcSight/QRadar/Splunk

• Experience
  

in creating content based on MITRE Framework

• Exposure to
  

SOAR, alert aggregation, automation, Playbook creation

• Monthly/Quaterly
  

Review with customerMaintainsawareness of new and emerging cyber-attack threats with potential to harmcompany systems and networks. Devises and implements countermeasures tomitigate potential security threats.Assistswith the development and maintenance of IT security measurement and reportingsystems to aid in monitoring effectiveness of IT Security programs.

Good Coordination Skills With Various Other

teams for faster resolution/completion.Good to have threat hunting knowledge.UEBA (User and Entity Behavior

Analytics)

Monitor behavioral analytics to detect insiderthreats, compromised accounts, and anomalous activities.Configure and tune UEBA models to reduce falsepositives and enhance detection capabilities.NBAD (Network Behavior Anomaly

Detection)

Monitor and analyze network traffic to identifyanomalies indicating potential threats or breaches.Work with network and SOC teams to investigateand respond to suspicious network behavior.

Required Qualifications

Education

Qualification:

B.E./ B.Tech/ MCA/ M.Sc. in Computer Science or IT

• Experience:
• Minimum 8+ years of relevant experience in Security Operations, Threat Detection, or Incident Response.
• Certifications:
  

Certified Ethical Hacker (CEH)

mandatory

.