SOC Manager

ELIGIBILITY:

MCA / B Tech (CS/IT) / BE (CS/IT)
Work Experience: 7-10 Years of total work experience.

4+ Years experience of managing SOC.

Roles & Responsibilities

Manage the SOC operations and related activities
Lead SOC team to SOC/SIEM implementation, Log aggregation, Detection & Prevention rules. Direct the functions, processes, and operations of the SOC and ensure standard SOPs are followed. Lead the continuous monitoring related operations of the SOC to ensure optimal identification / resolution of security incidents and enhance security. Develop and maintain an incident response management program that includes incident detection, analysis, containment, eradication, recovery and chain of evidence / forensic Actively participate in security incident management and document security/incident response playbooks Review SOC Roster and SOC team performance. Ensure compliance of SLA and adherence of related processes with review of improvement opportunities to meet operational objectives. Lead SOC threat hunting team and create new detection rules Create and publish reports, dashboards, metrics for SOC operations and presentation to customers and management. Conduct scheduled and ad hoc training exercises to ensure staff are current with the latest threats and incident response techniques. Optimization of rules, alerts as per severity of threat perceived from any specific events. Build use cases and correlation alerts in the SIEM for continuous security monitoring Periodic Rules/configuration review as per standard procedure / CIS.

SKILLS:

Hands-on experience of security tools that include SIEM, SOAR and EDR/XDR, experience in Microsoft Sentinel and IBM Qradar preferred.
Familiar with MITRE ATT&CK framework Familiar with multiple Operating System platforms such as Windows, Linux and Unix. Familiar with popular commercials / open source tools and techniques used by hackers Knowledge of Security testing methodology, and other international industry recognised standards and guidelines including CIS controls in depth. Experience in creating detection rule creation using KQL and Regex Aware of general cyber security practices needed by computer and internet user Strong written and verbal communication skills expected - ability to communicate security and risk-related scenarios to both technical and non-technical stakeholders Strong knowledge of Word, Excel and PowerPoint for professional documentations. Ability to work at nights and/or weekends as per urgency / requirement.