15 Soc Operations Jobs

Post Name: Global Safety Operation Center (GSOC) Operator ( Control Center Operator) Post Details: Description: GSOC Operator Locations: Pune, India Objective These General Post Orders are applicable to all contract safety & security personnel supporting Global Safety Operation Center (GSOC) Operator duties for Workday Inc. These rules must be followed to ensure proper execution of post specific job functions. All personnel supporting GSOC Operator duties for Workday Inc. must thoroughly read, review, understand, adhere to and execute their duties to these standards at all times. Arrival on Duty Arrive on time for start of shift in the right uniform, ready to assume your post Attend shift passdown brief at the Global Safety Operation Center (GSOC); ask questions where clarification is needed Deployment to Assigned Post Inspect all post equipment where applicable to ensure equipment is operational and accounted for;i.e. GSOC high dollar electronic assets, radios, keys, access control badges Report any equipment inspection deficiencies to the client leadership team immediately After completing passdown brief and shift inspection, relieve the offgoing GSOC Operator and assume the assigned post GSOC Operator Duties Ensure all third party software solutions used by the GSOC are opened, operational, and being monitored where applicable, or ready for use where applicable Ensure all access control and camera monitoring tools are opened, operational and being monitored Investigate all alarm activity and dispatch foot patrol as need to follow up on alarm events or suspicious activity as observed via the surveillance system Dispatch foot & vehicle patrol to support request received by the GSOC; i.e. escorts, drop offs, etc. Notify police for any reports of verified suspicious activity or crimes in progress, as well as notify client leadership for situational awareness and further guidance Notify emergency medical services when notified of medical emergencies occurring on campus and execute client guidance as outline in standard operating procedures relative to medical emergencies Monitor all incoming electronic notifications received related to intelligence reports generated by third party software solution (Dataminr, NC4, OSAC, Egencia) to understand and escalate risk related concerns to impacted personnel, site coordinators, or client leadership, within the framework of establish standard operating procedures As directed and at the guidance of site leadership, send mass notifications via Workdays mass notification system Dispatch personnel to support medical and fire life safety incidents within the framework of Workdays WERC & Life Safety program as well as standard operating procedures Provide ad hoc support to physical security request from the client as directed Fulfill special projects as assigned by client leadership team & the Site Manager Understand an execute all post specific task as they occur within the framework of guidance established in post specific standard operating procedures and departmental playbooks Shall make sure to track/record women employees late-night travelling. Highly Preferred Qualifications 1-2 years of experience working in one or more of the following environments: Commercial or Corporate security environments involving 24/7 monitoring and escalation processes. Security/Emergency/Response based dispatch/operations centre services involving direct interaction with callers and dispatched personnel.

Investigate, hunt, and lead escalated incident response using advanced threat detection from SIEM, EDR, NDR platforms. Develop and manage custom detection use cases aligned to threat frameworks and customer environments. Key Responsibilities: Monitoring, Investigation & Triage Triage and correlate alerts from SIEM (QRadar/Sentinel), EDR, and NDR Identify lateral movement, C2 activity, and data exfiltration Lead incident investigations and initiate containment measures Threat Hunting & Detection Engineering Proactive hunting using logs, flow data, and behavior analytics Apply MITRE ATT&CK for hypothesis-driven hunts Develop, test, and optimize custom detection rules Maintain a backlog aligned with emerging threats Tool Proficienc y SIEM: Advanced KQL/AQL queries, rule tuning, alert optimization EDR: Defender for Endpoint binary/process analysis, endpoint containment NDR: Darktrace/LinkShadow behavioral baselining, detection logic SOAR: Sentinel Playbooks / Cortex XSOAR for automated workflows Cloud Security: Azure AD alerts, MCAS, Defender for Cloud, M365 Defender Threat Intelligence Integration IOC/TTP enrichment Threat intel feed integration Contextual alert correlation Reporting & RCA Draft technical incident reports and RCAs Executive-level summaries for major incidents Cloud Security (Optional): Investigate alerts like impossible travel, app consent abuse Respond to cloud-native security incidents using Defender for Cloud, MCAS Create advanced SOAR workflows and playbook Tool Familiarity QRadar Microsoft Sentinel Microsoft Defender for Endpoint LinkShadow or Darktrace EOP/Exchange protection Antivirus platforms Defender for Identity / Defender for Cloud Advanced SOAR workflows (Sentinel playbooks / Cortex XSOAR) Network forensic tools like Wireshark / Zeek Certifications (Preferred): GCIH / GCIA / CEH Microsoft SC-200 / SC-100 QRadar Admin or equivalent Shift Readiness: 24x7 rotational shifts, including on-call support for escalations and major incidents Soft Skills: Strong analytical and documentation skills Proactive communicator Independent problem-solver and critical thinker

Description The Information Security Analyst will work under the direction of IT Security management in the implementation and monitoring of security tools and infrastructure solutions. This mid-level hands-on role requires someone with 3 to 7 years of IT Security technical experience in a mid to large corporate environment. He/She will have a strong understanding of information security, Firewalls, Routers, Switching, IDS, SIEM, VPNs, Encryption, Vulnerability scanning, Virus and Malware, VLAN, AD, DMZ’s, Proxies, VMware and Access Control technologies. Primary Responsibilities IT Security - Monitor and analyze security alerts / logs and information, escalating as needed. Monitor and control access to secure data and segmented network environments. This individual will be responsible for conducting penetration tests and vulnerability assessments. Configure security devices and tools following management guidelines and vendor specifications. Test proposed security configurations and changes in the IT Security laboratory. Analyze, respond to, and lead security incidents, including Application and Network attempted and realized breaches. Conduct regular security vulnerability scans of wired & wireless network infrastructure and data. Recommend IT Security solutions as needed. Disaster Recovery - Assist the DR team in the DR process as needed. Provide IT Security support to the DR team as needed. Participate in quarterly DR tests. Reporting - Monitor, gather and report on IT Security related incidents and provide regular activity reports. Report on the status of Remediation work related to the implementation, change, retirement or upgrade of IT Security and DR controls and processes. Soft Skills This position involves a high level of interaction with all levels of the organization. The candidate must be able to multitask in a cooperative / collaborative multicultural environment and must be familiar with delivering security solutions following standards based frameworks (ISO 27000, NIST, COBIT or SANS) with clearly defined controls and processes. The ability to work on long term multi-stage projects will be crucial to his/her success as well as good verbal and written communication skills. Technical and Educational Experience Bachelor’s degree in Computer Science, Business Administration, or equivalent work experience. Minimum of 3 years’ experience in Information Security. Certifications, such as CISSP, CEH, GCFE, GPEN, GWAPT, CompTIA security, preferred or able to obtain within 9 months of employment. Experience with SIEM and Log management (Splunk, Syslog, Events Logs, ELK, etc.) Understanding of Automation and Machine Learning concepts Familiarity with security configurations for Microsoft Windows Networks – Microsoft Windows. Cisco Firewalls and Routers and Linux. Familiarity or hands-on experience with Nessus, Tripwire File Integrity Monitoring, IAM, WireShark, MS-Data Protection Manager, Next Generation AV tools, EDR.

Scope: We are looking for a dynamic and strategic Vice President of Cyber Defense to lead our global cyber defense and incident response capabilities. This executive leader will own the detection, response, and mitigation of cyber threats, ensuring our organization is resilient in the face of a rapidly evolving threat landscape. The ideal candidate brings deep expertise in threat detection, SOC operations, incident response, and threat intelligence. This leader will partner across the business to build and maintain a world-class cyber defense program that proactively protects the company's assets, data, and reputation. Key Responsibilities: Cyber Defense Strategy & Operations: Develop and execute the company's cyber defense strategy, aligning with enterprise risk, compliance, and business objectives. Work with key stakeholders and business lines to ensure detection and response meet NIST CSF minimum baselines for global security operations and response. Lead 24/7/365 operations based on business need partner with Global Command and Site Reliability Teams to ensure baseline for all customer facing incidents, and internal company wide incidents are coordinated in a centralized operation center follow the sun model. Lead the global Security Operations Center (SOC), including 24/7 monitoring, detection, analysis, and response to cyber threats. Build out capabilities for detection and response for Tier 1, Tier 2, and Tier 3 security incidents and events. Implement and mature threat hunting, security analytics, and detection engineering programs. Ensure and validate Customer Incident Response and capabilities for onboarding mergers & acquisitions, new customers, and new environments as we grow and scale. Security Assessment and Continuous Threat Exposure Management:Identifying and fixing weaknesses in systems and networks including establish MTTD, MTTR, and MTTA for exposures, vulnerabilities, and potential threats. Incident Response:Investigating and responding to security breaches, including analyzing incidents and escalating them when necessary. Threat Detection and Prevention:Monitoring network traffic, system logs, and other data sources to identify potential threats and malicious activity. Security System Administration and Maintenance:Installing, configuring, and maintaining security tools like firewalls, antivirus software, and intrusion detection systems. Security Policy and Procedure Development:Creating and enforcing security policies and procedures to protect sensitive information. Security Training and Awareness:Educating employees about cybersecurity risks and best practices. Staying Up-to-Date:Keeping abreast of the latest security threats, vulnerabilities, and technologies. Threat Intelligence & Response: Build and manage a comprehensive threat intelligence function to anticipate and defend against advanced persistent threats (APTs) and zero-day vulnerabilities. Lead cyber incident response efforts, including containment, eradication, and post-incident reviews. Serve as a key escalation point during major security events and coordinate cross-functional response. Security Engineering & Automation: Oversee the development and deployment of tools and technologies that support threat detection, log aggregation, SIEM, SOAR, EDR, and XDR platforms. Drive automation and orchestration to increase efficiency and reduce time to detection/response. Hold QBRs with key security operations vendors to ensure compliance and SLAs are met with all contracts. Team Leadership & Development: Build, lead, and inspire a high-performing cyber defense team, including SOC analysts, incident responders, threat hunters, and detection engineers. Foster a culture of accountability, continuous learning, and proactive defense. Establish Career Development Plans and Growth for analysts, engineers, managers, and directors as the business grows and scales. Collaboration & Executive Engagement: Partner with IT, Infrastructure, Risk, Compliance, and Legal teams to align cyber defense practices with business needs. Provide executive-level reporting on threat landscape, risk posture, and incident metrics. Act as a thought leader and spokesperson on cyber defense strategy internally and externally. Qualifications: Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Technology, or a related field. 15+ years of experience in cybersecurity, with at least 5 to 8 years in a senior leadership role overseeing SOC, incident response, or threat intelligence. Deep knowledge of security operations, threat detection techniques, MITRE ATT&CK, and NIST/ISO frameworks. Proven track record managing large-scale incident response, threat intelligence operations, and blue team functions. Experience with cloud security (AWS, Azure, GCP) and hybrid infrastructure defense. Strong executive presence and ability to communicate effectively with C-level stakeholders. Relevant certifications such as CISSP, GIAC, GCIA, GCIH, or equivalent are highly desirable. Our Values If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success - and the success of our customers. Does your heart beat like ours Find out here: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

threat hunting and intelligence analysis tools,malware analysis and threat detection, SOC operations, Malware Reverse Engineering, Exploit Development, SIEM, IDS/IPS, and other security tools, CTIA, GCIA,GCIH, OSCP+,GCTI Required Candidate profile malware, ransomware, application & network layer attacks,shell, Python, and PowerShell SIEM platform (e.g., Splunk, Elastic Stack) SQL queries,Threat Hunter & Threat Intelligence Analyst

Key Deliverables: Design and maintain SIEM and WAF detection rules to identify and mitigate threats Lead SOC processes including incident response, escalation, and 24/7 coverage Automate security workflows and threat detection using Python scripting Mentor junior analysts and collaborate with engineering and DevOps teams Role Responsibilities: Manage security monitoring, detection engineering, and incident handling Identify and remediate cloud misconfigurations and enforce security best practices Develop and optimize SOC playbooks, reporting, and dashboards Act as key liaison during security incidents and stakeholder engagements

Job Description: We are looking for an experienced Security Senior Specialist Advisor to join our security team. The ideal candidate will have extensive experience in Data Security Posture Management , Cyber Security Posture Management , and Securiti.AI , with a proven track record of implementing robust security solutions and leading high-level security initiatives. Key Responsibilities: Lead the implementation and management of Data Security Posture Management strategies to ensure optimal data protection. Oversee Cyber Security Posture Management to mitigate risks and strengthen the overall security framework. Utilize Securiti.AI to monitor and optimize security systems, processes, and controls. Collaborate with cross-functional teams to integrate security protocols across multiple platforms and systems. Provide strategic advice on cybersecurity best practices and emerging threats to senior leadership. Troubleshoot and resolve complex security issues, ensuring minimal downtime and risk. Qualifications: 10+ years of experience in Cyber Security , with a strong focus on Data Security Posture and Cyber Security Posture Management . Hands-on experience with Securiti.AI and other relevant security tools and platforms. Expertise in developing and implementing security policies, procedures, and compliance standards. Strong communication and leadership skills with the ability to influence stakeholders at all levels. If you're passionate about driving security excellence and have extensive experience in the cybersecurity space, we'd love to connect with you!

Advanced knowledge in handling security incidents and leading investigations. Proficiency in managing and optimizing SOC operations. Experience in implementing security protocols and policies. Expertise in Malware Reverse Engineering, Required Candidate profile Certified Information Systems Security Professional (CISSP). Certified Information Security Manager (CISM). GIAC Certified Enterprise Defender (GCED). Certified Information Security Auditor (CISA),

For Soc L3-Position: 7Yrs+ hands on Exp. Ready to work for Rotational shifts.(24*7), Team management & Shift roaster Location: Pune Roles and Responsibilities Key Skills: 1.SIEM tool exp-preferably Arc sight. 2. Log Analysis 3.Incident Response 4.DLP experience 5.Investigation Knowledge 6.Rules creation 7.Alert management. 8.Use case Creation 9.Team management 10.Shift Roaster 11.Monthly reports Key Responsibilities To handle the daily monitoring of information security events. To function as an intrusion analyst by examining security events for context, appropriateness and criticality To act as an information security researcher to provide insight and understanding of new and existing information security threats Key Operational Activities Daily checklists and tasks Log analysis and review Vulnerability management activities Alert analysis Investigation of suspicious security event activity Maintain and enforce adherence to corporate standards, policies and procedures Please share your profile to anwar.shaik@locuz.com

Role & responsibilities Manage and guide a team of senior and junior Security engineers who perform operational and project tasks during work shifts. During the shift, you extract best out of the available team Utilize staff strengths, mentor staff in weak areas and identify areas for improvements and trainings Track staff performance and work with managers for the improvement. Review the team members performance Assist in the security incident response process and work closely with internal to manage security incidents. Understand the security policy requirements, gather customers requirements, and transform them into workable process Notify stakeholders of potential or existing threats and lead the development of risk-mitigating strategies of assigned items. Monitoring the operation of the vulnerability management tools, ensuring the tools and supporting processes are working effectively to identify and report vulnerabilities Daily Shift reports review and escalation Go over frequent and persistent alerts and bring up observations and action items to discuss with seniors and Peers for further actions Assist service delivery manager in customer onboarding, meeting SLAs and customer satisfaction Track, report and improvise quality of deliverables (incident/problem solution, requests and project deliverables. Introduce innovative ideas to make it repeatable and sustainable practice for the team Introduce innovative ideas for quality improvements Preferred candidate profile Must have worked in SOC operations, Incident response, Threats and Vulnerability Management Must know common security policy frameworks and possess knowledge of how security programs are run at mid to large scale companies Good-to-have-skills Security certifications like CISSP, CISM, CEH, Vulnerability Management Prior Working Knowledge Knowledge of SIEM and vulnerability management tools is added advantage Background in infrastructure management with different operating system, virtualization technologies and networking are added advantage ITIL process knowledge Prior employment at MSSP/Managed Services/IT Services company is preferred, and a background in dealing with global teams and remote teams will be a strong plus

Overview This position is a member of the Information Security organization reporting to the Sr Manager of Consumer Protection. This technical role will lead information security efforts to support consumer teams globally. The employee will work cross-functionally across Information Security, technology, and solutions teams to drive security. This role will be responsible for integrating the enterprise security stack into consumer solutions being deployed. Additionally, the candidate will determine, track, and monitor key metrics. This position requires expertise in Information Security and must be able to present clearly and adequately to leadership. Responsibilities Work cross-functionally across security engineering to drive innovation Generate, track and monitor key metrics Develops strong partnerships with business clients Maintains expertise to function as subject matter expert in multiple security areas Qualifications Bachelors degree in computer science or equivalent work experience Minimum 14 years of experience in IT field 4-6 years of relevant information security experience with foundational knowledge in multiple areas including SOC operations and hands-on Information Technology Experience Relevant certifications such as CISSP, CEH, or CISM are a plus Technical Skills Strong foundation in information security across multiple domains such as Fraud and Bot defense, Data Security, Web Application Firewall, API security, Network security, etc. Cloud infrastructure experience on tools like load balancer, DNS Able to maintain security full-stack applications, including both front-end and back-end components to support our consumer protection platform Understanding of common security threats and mitigation controls Knowledge of cloud security principles and implementation. Familiarity with Azure cloud solution architecture and cloud security features Experience reviewing and validating the security architecture of solutions deployed on-premises and cloud infrastructure Non-Technical Skills Proficient in English Excellent verbal and written communication skills Strong analytical skills Proven ability to collaborate across technical and business team Desirable Qualifications Proficient/Remedial in Mandarin Previous experience in product engineering organizations Strong and extensive experience working in an agile/lean engineering environment Experience driving security related change within a business Previous experience in security engineering and/or security architecture organizations

OVERALL PURPOSE OF THE ROLE: The primary responsibility of the specialist security Operationsis to ensure security risks are identified and managed within acceptable limits. The Security specialist will work closely with Design Authority, Solution Architects, IS Design,IS&T operations and Business teams to manage security of the organization RESPONSIBILITIES: To analyse and update critical and non critical log sources and their health status check for redundant log sources and take necessary steps working with right stake holders daily health check and monitoring of SOC infra Co-relationship, framework management for SOC use cases responsible for analytics and data crunching or data analysis and represenation of outcome for leadeship to make next decisions KPI definition, revision and imprvement for SOC infra, health and use cases TECHNICAL COMPETENCIES & EXPERIENCE To be considered for this role, candidate need to demonstrate the following skills experience and attributes: Bachelors/Masters degree in Engineering/Technology or related field Minimum 6-8 years of relevant IT experience Professional industry standard certifications like CISSP, CEH, GIAC, CISM, ISO 27002 etc. will be an added advantage Experience with various IT / Security technologies including, Active Directory, DNS, Messaging, Firewalls/ VPN Gateways, IPS, Proxy, WAF, PKI, IAM,etc. Good understanding of tools like CyberArk, PingIdentity, Sailpoint, Qualys, Veracode Proficient handson experience and understanding of various security tools and technologies. Experience in an operational role working directly with internal and external customers, trouble ticketing systems, and incident management Solid understanding of ITIL process framework Must understand and have worked in an operational environment such as a NOC or SOC for 2- 4 years Demonstrated leadership experience in the area of Security Operations Proven planning, prioritization, and organizational skills Demonstrated drive for continuous learning, results orientation, and teamwork Ability to drive change through innovation & process improvement Ability to manage projects and drive action items with customers and crossfunctional peers Proven crisis management skills Professional & concise communication (written & verbal) Ability and flexibility to adapt to change, including shifting and competing priorities Demonstrated ability to be a big picture thinker, strategist, and long term planner Strong analytical skills with demonstrated problem solving ability Project management skills with a proven ability to design workable solutions will be an added advantage Exposure to ISO 27002 and ISO 27005

Job Title : Network and Firewall Admin L2 Experience : 5-7Years Location : Bangalore Description : Network Management: Install, configure, and maintain network hardware and software. Monitor network performance and troubleshoot issues to ensure optimal performance. Manage LAN, WAN, and WLAN networks, ensuring seamless connectivity. Firewall Administration: Configure and manage firewalls to protect network infrastructure. Implement security policies and rules to safeguard against unauthorized access. Monitor firewall logs and respond to security incidents. Application Management: Manage Privileged Access Management (PAM) solutions to control and monitor privileged accounts. Administer Identity and Access Management (IDAM) systems to ensure secure user authentication and authorization. Configure and maintain Web Application Firewalls (WAF) to protect web applications from threats. DNS and SOC Operations: Manage DNS servers and ensure proper resolution of domain names. Collaborate with Security Operations Center (SOC) to monitor and respond to security threats. Conduct regular security assessments and vulnerability scans. Documentation and Compliance: Maintain detailed documentation of network configurations, changes, and security policies. Ensure compliance with industry standards and regulatory requirements. Skills and Qualifications: Technical Skills: Proficiency in managing network and firewall environments. Experience with PAM, IDAM, WAF, DNS, and SOC operations. Knowledge of network protocols and security best practices. Soft Skills: Strong analytical and problem-solving abilities. Excellent communication and teamwork skills. Ability to work under pressure and manage multiple tasks. Education and Experience: Bachelors degree in Computer Science, Information Technology, or a related field. Minimum of 3+ years of experience in network and firewall administration. Relevant certifications such as CCNA, CCNP, CISSP, or CISM are preferred.

Role: Security Engineer / Senior What youll do for us Execute routine operational security tasks, ensure ongoing compliance, and conduct security assessments across a variety of technologies and third-party vendors. Serve as the primary point of contact for Endpoint Security . Oversee and report on security tool performance (e.g., SIEM, EDR/XDR, IAM ). Lead security incident triage, investigation, and response efforts, leveraging EDR solutions for enhanced detection and remediation. Proactively search for and identify potential threats within the environment. Perform in-depth analysis of malware to understand behavior, impact, and mitigation strategies. Conduct forensic analysis and manage evidence collection. Support compliance initiatives , including privileged access reviews and change monitoring. Track and report on operational metrics related to security alerts and incidents. Perform security reviews across infrastructure, applications, and third-party services. Contribute to various programs and initiatives aimed at advancing the companys information security policies and standards. Champion security best practices and raise security awareness across the organization. What youll have 5+ years of experience in security analysis, security operations, or a forensics role. In-depth knowledge of SOC operations and Endpoint Security. Proven experience with network, systems, and application security. Familiarity with industry-standard security and control frameworks such as ISO 27001/2, NIST, and CIS. Strong interpersonal skills and the ability to communicate complex security and risk concepts to both technical and non-technical audiences. High level of personal integrity and discretion in handling confidential information. Self-motivated, dependable, and able to work independently with minimal supervision. A genuine passion for security and a strong commitment to seeing projects and investigations through to completion. Enjoyment of collaborative work in a team-oriented environment What we’ll do for you: Flat organization: With a very strong entrepreneurial culture (and no corporate politics). Great people and unlimited fun at work. Possibility to really make a difference in a scale-up environment. Support network: Work with a team you can learn from every day. Diversity: We pride ourselves on our international working environment. AI is firmly on every CEO's agenda, o9 @ Davos & Reflections: https://o9solutions.com/articles/why-ai-is-topping-the-ceo-agenda/ Work-Life Balance: https://youtu.be/IHSZeUPATBA?feature=shared Feel part of A team: https://youtu.be/QbjtgaCyhes?feature=shared How the process works... We will share a link to create your profile on workday & Respond with your interest to us. We’ll contact you either via video call or phone call - whatever you prefer, with the further schedule status. During the interview phase, you will meet with the technical panel for 60 minutes. We will contact you after the interview to let you know if we’d like to progress your application. There will be 2 rounds of technical discussion followed by a Managerial round. We will let you know if you’re the successful candidate. Good luck!

OVERALL PURPOSE OF THE ROLE: The primary responsibility of the specialist security Operationsis to ensure security risks are identified and managed within acceptable limits. The Security specialist will work closely with Design Authority, Solution Architects, IS Design,IS&T operations and Business teams to manage security of the organization RESPONSIBILITIES: To analyse and update critical and non critical log sources and their health status check for redundant log sources and take necessary steps working with right stake holders daily health check and monitoring of SOC infra Co-relationship, framework management for SOC use cases responsible for analytics and data crunching or data analysis and represenation of outcome for leadeship to make next decisions KPI definition, revision and imprvement for SOC infra, health and use cases TECHNICAL COMPETENCIES & EXPERIENCE To be considered for this role, candidate need to demonstrate the following skills experience and attributes: Bachelors/Masters degree in Engineering/Technology or related field Minimum 6-8 years of relevant IT experience Professional industry standard certifications like CISSP, CEH, GIAC, CISM, ISO 27002 etc. will be an added advantage Experience with various IT / Security technologies including, Active Directory, DNS, Messaging, Firewalls/ VPN Gateways, IPS, Proxy, WAF, PKI, IAM,etc. Good understanding of tools like CyberArk, PingIdentity, Sailpoint, Qualys, Veracode Proficient handson experience and understanding of various security tools and technologies. Experience in an operational role working directly with internal and external customers, trouble ticketing systems, and incident management Solid understanding of ITIL process framework Must understand and have worked in an operational environment such as a NOC or SOC for 2 4 years Demonstrated leadership experience in the area of Security Operations Proven planning, prioritization, and organizational skills Demonstrated drive for continuous learning, results orientation, and teamwork Ability to drive change through innovation & process improvement Ability to manage projects and drive action items with customers and crossfunctional peers Proven crisis management skills Professional & concise communication (written & verbal) Ability and flexibility to adapt to change, including shifting and competing priorities Demonstrated ability to be a big picture thinker, strategist, and long term planner Strong analytical skills with demonstrated problem solving ability Project management skills with a proven ability to design workable solutions will be an added advantage Exposure to ISO 27002 and ISO 27005