11/05 Irfan Sayyed
Senior Recruitment Consultant at Black Turtle


Auditor - Security Operations Centre - IT (5-8 yrs)

Mumbai Job Code: 821432

Auditor - Security Operations Centre

Job Description : Security Operations Centre (SOC) Auditor

Reporting Structure : Reports to Sr. Manager

Education : Bachelor of Science (IT /Computers), BE/B Tech, MCA

Experience (years) :

- 5+ years of experience in Security Operations Centre, SIEM implementation and operation rollout

- Must have hands-on experience in implementing, managing and reviewing a Security Operations Centre

- Must understand network and security architecture, log correlation, and setting up and reviewing SIEM event rules

- Technically sound, with good experience in OS, database, network and web security, and cyber security control assessment

- In-depth Security Incident Management experience

- Experience in conducting and participating in internal/external audits such as regulator, client and partner audits

- Ability to work independently or as part of a team

- Excellent written, oral communication and presentation skills

- Excellent organizational and interpersonal skills

Industry : Any industry; Financial industry/consulting/IT industry preferred

Responsibilities :

- Assess the SOC implementation and monitoring to identify critical issues that may affect the risk posture of the organizational information assets.

- Assess SOC implementation and monitoring against various industry maturity and capability assessment models.

- Assess the role of the SOC in the various phases of the NIST Cyber Security Framework and in Red Team and Blue Team exercises.

- Evaluate KPIs and related metrics for the SOC.

- Review VAPT reports and identify observations.

- Develop and maintain audit checklist and documents.

- Audit information technology systems and infrastructure to verify that systems are secure and support the related applications or business processes.

- Audit network designs, change management, patch management, incident management, backup management process, firewall rule review, user access.

- Audit of information security processes such as security event monitoring and resolution, incident response, vulnerability assessment.

- Audit implementation of Systems & Network Architecture including Micro Segmentation, SDN, Cloud Security, Wireless Security etc.

- Developing project plans, work programs, evaluating system controls, documenting results, making recommendations, and communicating information to stakeholders

- Identify and draft thought leadership articles pertaining to SOC Process, Security Incident Handling, SOAR (Security Orchestration, Automation and Response)

- Research the public domain to keep knowledge up to date on the latest technologies such as next-generation SIEM, SOAR, User Behavior Analysis, deception technologies, cloud security, IoT, Software Defined Network (SDN) etc.

- Should be a self-learner and must keep updated with the latest threats and vulnerabilities researched/discovered.

- Candidate should be willing to travel extensively within Mumbai and across the country for performing audits.

Certifications :

(Any two is preferred)

- CISA/CISM/CISSP

- GCIH

- GSEC

Technology Vendor Certifications : Cisco/ Checkpoint/ RSA/ IBM/ HP etc.

Years of experience : 5 to 8 yrs

Main Responsibility :

- Audit of Security Operations Centre (also called SOC)

- What Security Operations covers (so audit of these):

a. SIEM

b. Network security, Cyber Security, Information Security

c. Vulnerability Assessment, Penetration Testing, VAPT

d. Also look for words like SOAR (Security Orchestration, Automation and Response)

Education : BE/BTech/MCA/BSc (IT/Computers)

Notice period : max 30 days

Location : New Mumbai/Juhi Nagar

Women-friendly workplace:

Maternity and Paternity Benefits
