SOC Infrastructure Engineer ( Team Lead SOC )

Job Description

Essential Services: Role & Location fungibility To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service. The role descriptions give you an overview of the responsibilities, it is only directional and guiding in nature. About the Role As a Team Lead - SOC Infrastructure Engineer in the banks security operations center (SOC), the individual will be responsible to oversee the implementation of all the underlying IT infrastructure necessary to send logs from all the log sources to the banks new SIEM platform . Key Responsibilities Business Understanding: Responsible to ensure connectivity from all the banks IT systems and applications (whether on cloud or on-prem) to the banks SIEM platform. Responsible to ensure the upkeep of bank’s inventory to reflect the correct status of which systems are reporting logs to the SIEM. General upkeep of the SIEM platform’s health and availability. Collaborate: Lead a team of engineers and provide technical guidance to a team of Security systems engineers who will be responsible for ensuring connectivity from (i)network log sources such as routers, switches, firewalls, load balancers, network Proxy (ii) Server log sources of various categories such as Windows, *nix, AD, Database, AIX, Solaris, etc. (iii) Endpoints (iv) security solutions such as DAM, IDAM, PIM/PAM, IPS, WAF, etc. and (V) Cloud (AWS, Azure, GCP and OCI) to the bank’s SIEM solution such that logs can be ingested by the SIEM platform. Ensuring systems and network readiness for deploying SIEM in the bank’s network. Hosting interactions with the bank’s technology team to resolve any underlying connectivity issues limiting the logs from being sent to the SIEM platform. Work with the respective peers in the bank’s technology group to ingest logs from newly introduced systems and log sources. Work with the designated bank’s department to ensure alignment with RBI guidelines in the respective areas. Vendor Management: Working with the vendors to ensure resolution of issues limiting the sharing of the logs. Qualifications & Skills Educational Qualification: Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent. Certifications: CCNP, CCNA Security, Any Cloud security certifications (AWS, GCP, Azure, OCI) and/or any Microsoft or VMware or RHEL certifications. Compliance: Stay up to date with the latest trends and developments in cybersecurity and SIEM technologies and recommend improvements to the organization security posture and creation of procedural documents necessary for the department. Communication Skills: Excellent communication and interpersonal skills. Synergize with the Team: Ability to work collaboratively with different teams for closure of activities. Strong understanding of cybersecurity principles will be required. Knowledge of Networking components, Servers (RHEL, Windows, etc.) and Endpoints, and cloud technology will be required including the capability to design new solutions. Strong understanding of cybersecurity principles will be required. You can also apply here - https://www.icicicareers.com/CareerApplicant/Career/job-details/2555533