5.0 - 9.0 years
0 Lacs
Chennai, Tamil Nadu
On-site
As a CyberSecurity Team Lead, you will act as the primary point of contact for Managed Detection and Response (MDR) client engagements and ensure seamless project execution. You will apply emerging threat intelligence to identify affected systems and assess the scope of attacks. Developing, documenting, and maintaining SOC processes, standards, and alert triage procedures will be crucial to effective and timely response. You will define and refine playbooks for cyber threat response operations, conduct investigations autonomously, and escalate incidents according to defined protocols.

In this position, you will mentor, guide, and lead SOC analysts to build a high-performance incident response team. Leading SOC operations during active cyber incidents and coordinating with executive leadership will be among your key responsibilities, as will developing and maintaining SOC dashboards and reporting metrics for performance and threat monitoring. You will also organize and conduct cybersecurity tabletop exercises and attack simulations to improve the team's preparedness.

We are seeking a candidate with at least 7 years of experience in a Security Operations Center (SOC) or a similar role, preferably in a Managed Security Services Provider (MSSP) environment. A Bachelor's degree in Computer Science, Information Technology, or Cybersecurity is required. Industry certifications such as CySA+, CEH, CSA, ECIH, or cloud security certifications are highly desirable. The ideal candidate will have proven experience managing daily SOC operations and incident response frameworks, along with strong technical writing and documentation skills. Demonstrated leadership in guiding technical teams, excellent communication skills, and the ability to collaborate cross-functionally and present to stakeholders are also essential.

Hands-on experience with cloud security incidents and SIEM engineering is a significant advantage. A commitment to continuous learning and skill development in the cybersecurity field is expected of the candidate.
Posted 2 weeks ago
4.0 - 8.0 years
4 - 8 Lacs
Gurgaon / Gurugram, Haryana, India
On-site
Should have strong knowledge of Microsoft Sentinel SIEM engineering and administrative activities. People in operational profiles cannot apply for this position. Should have performed a SIEM engineering role for more than four years. Problem-solving and people-management skills are required. Should have expertise in building custom analytics rules, tuning analytics rules, building automation through Azure Logic Apps, managing the entire product feature set, and end-to-end configuration. Should have expertise in writing KQL queries and functions for complex detection and monitoring requirements. Should have strong knowledge of the MITRE ATT&CK framework and expertise in developing analytics rules and custom dashboards/workbooks mapped across the framework. Should have expertise in log management, retention, keeping logs at low cost, performing access management, and developing new custom dashboards for different requirements. Should have a proven record of implementing Sentinel advanced features, efficient log collection mechanisms, deployment and maintenance of log forwarders, and maintenance of local agents. Should have expertise in integrating data sources that Sentinel does not support out of the box (OOB). Custom parser development and the ability to solve technical issues in Sentinel are must-have requirements. Should be able to prepare and maintain policy and procedure documentation around SIEM technology; document lifecycle management skills are required. Should have expertise in consuming content from the Content Hub, managing the Log Analytics workspace, and handling issues with the Microsoft Monitoring Agent (MMA) and Azure Monitor Agent (AMA). Should have a proven record of participating in customer or client reviews or global certifications regarding security controls in the SIEM. Understanding of compliance and regulatory requirements is good to have. Preference will be given to candidates who have completed the Microsoft Sentinel Ninja Level 400 training and certification.

Good to have: strong knowledge of Microsoft Sentinel pricing, Microsoft Defender products, Microsoft cloud services, and Azure Arc. Should be able to work with stakeholders to solve technical issues and to support and deliver complex business, security, and operational requirements. Should be able to work with the vendor's technical support group and drive issues to effective and permanent closure. Knowledge of and hands-on experience with the Microsoft Defender XDR stack will be an added advantage.
Posted 1 month ago