SOC Manager SISA

About SISA

Job Description

Purpose Of The Role We are looking for a highly experienced information security professional to help leading one of the clusters of Synergistic Security Operation Center to monitor security alerts, respond and remediate detected issues, and work with the Incident Management process to remove threats and vulnerabilities within the organization and to assist the SOC team in its mission to secure our customer requirements. Roles & Responsibilities Serve as an escalation point for all Threat Analysts on shift for complex/unusual alerts/cases/requests/incidents. Daily review of security alerts/logs with follow-up on any suspicious activity. Review cases escalated by Threat Analysts to investigate, respond and remediate; Ensure an effective flow of escalated cases; and Conduct quality assurance of cases. Mentoring associate team members and contribute to streamlining SOC operations for continuous improvement. To ensure an escalate flow of Incident Management System; Assist the team in developing the incident response strategy and then creating and assigning response actions to Threat Analysts as needed. Perform investigation of network and hosts/endpoints for malicious activity, to include analysis of packet captures, and assist in efforts to detect, confirm, contain, remediate, and recover from attacks. Proactively monitor, identify and analyze complex internal and external threats, including viruses, targeted attacks and unauthorized access, and mitigate risk to IT systems. Work in concert with team members, Information Security engineering, and relevant Subject Matter Experts to process, analyze and drive the remediation of identified IT related vulnerabilities Responsible to follow the IT Security Incident Response policies and tools. Contribute to Information Security policies, standards, and supporting documentation. Root cause analysis, troubleshoot complex issues with existing security and privacy protection protocols. Responding to inbound security monitoring alerts, emails, and inquiries from the organization. Providing support for Incident Response, including evidence collection, documentation, communications, and reporting. Maintaining and improving standard operating procedures and processes Responsible for onboarding the clients; both in cloud and on-prim. Required Skills Proven work experience as a Technical Support Engineer, Operation, System Admin or similar role. Hands on working Experience on any SIEM tool (Qradar /Alien Vault/ McAfee ESM/DNIF). 6 months of L3 experience is required. Team Management and Network Management / Operations Management. Good understanding of database, security products (Firewall, IDS/IPS, AV) and other tech products. Desired Skills Networking concepts Information security concepts Windows and troubleshooting and domain knowledge Linux and troubleshooting and domain knowledge Data Analysis Data Analytics for Security Education Requirements Bachelor of Engineering (BE) - Computer Science(CS) / Information Science(IS), Bachelor in Computer Application (BCA), Masters in Computer Application(MCA), Masters of Technology (M.Tech), Masters in Computer science and Information Science, Masters in Forensic analysis / Cyber security Certifications: CISSP, SANS GCIH, Security+ Certified Ethical Hacking (CEH), CiscoCertified Network Associate (CCNA) etc. Personal Attributes Excellent verbal and email Communication Skills. Strong interpersonal and presentation skills. Ability to handle difficult situations effectively. Ability to analyze and solve complex issues. Able to prioritize and execute tasks in a high-pressure environment. Keen attention to detail. Experience working in a team-oriented, collaborative environment. Flexible and multi-tasking ability, coordinating work effort over numerous projects. Work Conditions Strong ability to work and meet demanding deadlines. Ability to function in an ambiguous environment. Ability to work outside normal hours and/or locations. Some travel may be required for on-site meetings, conferences or training.,