SOC Lead

SOC Lead

10 - 12 years (L3)

Mumbai

Must-Have

• Must have hand on experience on SIEM
• B.E/B.Tech/MCA with 8-10 years of experience.
• Certification on SIEM

Required Technical skill:

• Must have hand on experience on DNIF, Qradar , Sentinel.
• Design, build, test, deploy SIEM and Security Architectures.
• Serve as a deeply skilled and knowledgeable resource within the Sentinel SIEM technology area.
• Participate in project teams providing consultation on information security designs.
• Perform security incident analysis and recommend remediation steps.
• Participate on automation of the incidents prioritization and false positives identification.
• Serve as deeply skilled and knowledgeable resource within the SOAR technology area.
• Participate on interconnecting the Sentinel SIEM tool with sources of security incidents – e.g. logs from servers, network and security devices, Vulnerability Management system, Antivirus system, etc.
• Analysis of security events and containment for all security incident events to safe guard Customer infra.
• Installation, configuration and version upgrades for SIEM device.
• Hands-on experience in Integration with multiple tools like Fileserver, NAC, WAF, AD, EDR etc.
• Applying signature/IOC on security devices.
• Providing RCA for the major incident occurred in customer environment.
• Understanding of Incident response plan.
• Have understanding of Cyber skill methodology.
• Good hands on experience on threat hunting(Active and Passive)
• Able to create customer parser for Siem.
• Have good understanding of Unix/Linux platform.
• SOC KPI on Monthly bases & SOC Reporting metrics.

Responsibility from the Role

• Upgrade and maintenance of SIEM Device.
• Cyber incident and forensic investigation.
• Logs analysis and co-relation of security events.
• Self-motivated and quick learner and should be flexible in working 24*7 environment.