Job
Description
Job Description Job Summary We are seeking for SOC Lead to support threat monitoring, detection, event analysis, incident response/reporting, brand monitoring, forensics and threat hunting activities for its SOC, which is a 24/7 environment. The individual must be able to rapidly respond to security incidents and should have at least 7 years of relevant experience in Cyber security incident response. Should have deeper understanding with some hands-on experience on enterprise IT infra components such as advanced firewalls, IPS/IDS/WIPS/HIPS, routers/switches, TACACS, VPN, proxy, AV/EDR, DNS, DHCP, multi factor authentication, virtualization, Email systems/security, Web Proxy, DLP etc. along with cloud environments like AWS (Must), Azure etc. Job Responsibilities Will be discussed by customer Essential Skills Should be able to manage a SOC L1/L2 team Providing incident response/investigation and remediation support for escalated security alerts/incidents Work with various stakeholders for communicating and remediating the cyber incidents Use emerging threat intelligence IOCs, IOAs, etc.to identify affected systems and the scope of the attack and perform threat hunting, end user’s systems and AWS infrastructure Provides support for complex computer/network exploitation and defense techniques to include deterring, identifying and investigating computer, applications and network intrusions Provides technical support for forensics services to include evidence capture, computer forensic analysis and data recovery, in support of computer crime investigation. Should be able to safeguard and custody of audit trails in case of any security incident Researches and maintains proficiency in open and closed source computer exploitation tools, attack techniques, procedures and trends. Performs research into emerging threat sources and develops threat profiles. Keep updated on latest cyber security threats. Demonstrates strong evidence of analytical ability and attention to detail. Has a broad understanding of all stages of incident response. Performing comprehensive computer monitoring, identifying vulnerabilities, Target mapping and profiling. Has a sound understanding of SIEM (Splunk, Datadog, Arcsight etc), PIM/PAM, EDR, O365 security suite and other threat detection platforms and Incident Response tools. Should have knowledge of integrating security solutions to SIEM tool and crate the use cases as per the best practices and customized requirements Has knowledge on working on ITSM tools such as JIRA, Service NOW etc Has a logical, disciplined and analytical approach to problem solving Has knowledge of current threat landscape such as APTs Has basic knowledge of Data Loss Prevention monitoring Has basic knowledge of audit requirements (SOC2, HIPPA, ISO27001, etc.) Should be flexible to work in 24*7 environment Nice to Haves Background Check Required No criminal record Others Bachelor of Engineering - Bachelor of Technology (B.E./B.Tech.) There are 2-3 rounds in the interview process. This is 5 days work from office role (No Hybrid/ Remote options available) Final round will be F2F (Mandatory) Office location-Sector-125, Noida Requirements SOC Lead Team Lead Threat monitoring Cyber Security Forensics Services Audit Trails SIEM ITSM Tools Show more Show less
