Manager

Job Description

Continuous review of the operations carried out by the SOC team. Ensure that SOC team is fully compliant to the process defined. Efficiently manage the escalation procedures followed by the SOC team. Regularly monitor and review the incident and cases records. Regularly track the Timeline compliance of the SOC activities. Take measures to carry out SOC activities in an effective and efficient manner. Regularly review the processes and procedures followed by the SOC team and propose changes if there is a scope for improvement. Develop and evaluate metrics to measure the performance of the SOC team. Present the security reports periodically to the IT security team and management. Provide suggestions to add/remove log sources under monitoring scope. Co-ordinate with the external teams during incident management. Ensure the development of policies, procedures documentations. Establish, document, and manage the scope, schedule, and resource allocation for projects and sustaining activities to ensure successful project execution. Implement and maintain integrated work schedules and plans which ensure that the necessary deliverers are ready available, Oversee the daily operations of the 24x7x365 Security Operations Center. Guide L2 Team to Develop and configure use cases on SOC monitoring tools concerning a specific log source upon integration. Guide L2 Team Configure additional modules/packages on Qradar if there are any. Guide L2 Team Develop Log Baseline for the log sources identified to be integrated with Qradar. Guide L2 Team Set up a baseline security level for critical assets by means of Qradar vulnerability scans per quarter. Technologies: IBM QRADAR SIEM IBM Guardium DAM, Check Point Fortigate NGFW