Team Lead- SOC

Job Description

Role: Team Lead-SOC Experience: 7-12 Years Location: Sector-125, Noida Skills Required: SOC Lead,Team Lead,Threat monitoring,,Cyber Security,Forensics Services,Audit Trails,SIEM,ITSM Tools Notice period: Immediate joiner/ 15 days This is 5 days work from office role.(No Hybrid/ Remote options available) Final round will be F2F only (Strictly) Abouiut Company: It is a global pharmacovigilance solutions company specializing in innovative software and expert consulting services. Experienced team of business and technology innovators works with Pharmacovigilance and Risk Management Professionals to help increase the compliance, productivity and quality for the entire Drug Safety value chain. Job Description We are seeking for SOC Lead to support threat monitoring, detection, event analysis, incident response/reporting, brand monitoring, forensics and threat hunting activities for its SOC, which is a 24/7 environment . The individual must be able to rapidly respond to security incidents and should have at least 7 years of relevant experience in Cyber security incident response . Should have deeper understanding with some hands-on experience on enterprise IT infra components such as advanced firewalls, IPS/IDS/WIPS/HIPS, routers/switches, TACACS, VPN, proxy, AV/EDR, DNS, DHCP, multi factor authentication, virtualization, Email systems/security, Web Proxy, DLP etc. along with cloud environments like AWS (Must) , Azure etc. Responsibilities Should be able to manage a SOC L1/L2 team Providing incident response/investigation and remediation support for escalated security alerts/incidents Work with various stakeholders for communicating and remediating the cyber incidents Use emerging threat intelligence IOCs, IOAs, etc.to identify affected systems and the scope of the attack and perform threat hunting, end user’s systems and AWS infrastructure Provides support for complex computer/network exploitation and defense techniques to include deterring, identifying and investigating computer, applications and network intrusions Provides technical support for forensics services to include evidence capture, computer forensic analysis and data recovery, in support of computer crime investigation. Should be able to safeguard and custody of audit trails in case of any security incident Researches and maintains proficiency in open and closed source computer exploitation tools, attack techniques, procedures and trends. Performs research into emerging threat sources and develops threat profiles. Keep updated on latest cyber security threats. Demonstrates strong evidence of analytical ability and attention to detail. Has a broad understanding of all stages of incident response. Performing comprehensive computer monitoring, identifying vulnerabilities, Target mapping and profiling. Has a sound understanding of SIEM (Splunk, Datadog, Arcsight etc), PIM/PAM, EDR, O365 security suite and other threat detection platforms and Incident Response tools. Should have knowledge of integrating security solutions to SIEM tool and crate the use cases as per the best practices and customized requirements Has knowledge on working on ITSM tools such as JIRA, Service NOW etc Has a logical, disciplined and analytical approach to problem solving Has knowledge of current threat landscape such as APTs Has basic knowledge of Data Loss Prevention monitoring Has basic knowledge of audit requirements (SOC2, HIPPA, ISO27001, etc.) Should be flexible to work in 24*7 environment Preferred Qualifications Security Certifications Preferred (but not limited to): CISSP, CHFI, CEH Required Qualification Bachelor of Engineering - Bachelor of Technology (B.E./B.Tech.) , Skills: routers,soc,o365 security suite,team lead,siem,proxy,vulnerability identification,itsm tools,soc lead,threat monitoring,multi-factor authentication,email systems/security,advanced firewalls,virtualization,computer forensic analysis,data recovery,web proxy,aws,av/edr,threat hunting,azure,ips/ids/wips/hips,dlp,vpn,risk management,switches,incident response,forensics services,cyber security,data loss prevention,audit trails,edr,dns,pim/pam,dhcp,tacacs Show more Show less