SME - SOC /Team Lead

Experience- 5 yr Qualification-B.E./ B. Tech (IT/ Computer Science/ Electronics/ Electronics & Communications/ Electronics & Electrical)/ MCA Location- Delhi, Banglore, Lucknow Certification- Relevant & Valid Professional/ Advance/ Expert level OEM Certification (Trellix/ OpenText/ Kaspersky/ FireEye/ Fortinet, etc.) or CISA/ CISM/ CISSP/ OSCP/ CEH/ CompTIA Job Description- Review of L1 & L2 activities on regular basis and automate all tasks - Perform threat modelling of all the assets and accordingly define the necessary use cases to detect all kinds of threats, accuracy of detection, reduce false positives and content development - Improvise threat hunting capabilities of the technology - Optimization of response time to fetch data, logs in advanced queries, reports, dashboards etc. - Ensure logs ingestion from various log sources, automation of incident, vulnerability etc. remediation through SOAR - Threat Intel feed analysis, provide appropriate recommendations, define use cases to detect the threats according to the information provided in Threat intel - Close the vulnerabilities, apply security & enhancement patches, upgrade versions - Ensure DC & DR setups are in sync on real-time basis in every manner - Participate in DR, cyber, tabletop drills etc. - Provide management report on regular basis on SOC metrics - Provide necessary support during the Forensics investigation and threat hunting - Perform continuous assessment of respective solution maturity against global standards and fine tune the configuration parameters, technical policies, rules, algorithms accordingly - Prepare road map for product maturity and enhancements plan and ensure the recommended featured deliver within the agreed times - Provide on the job training to the SOC team - Make presentations on the current technology capabilities, use cases, automation done etc. and current and future enhancements / roadmap etc Show more Show less