Director - Cyber Security - Consulting Firm

Required Skills:

- Proficient in Incident Management and Response

- Experience in security device management and SIEM (ArcSight)

- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.

- Experience in threat management

- Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix

- Knowledge of applications, databases, middleware to address security threats against the same.

- Proficient in preparation of reports, dashboards and documentation

- Excellent communication and leadership skills

- Experience in performing vendor management

- Ability to handle high pressure situations with key stakeholders

- Good Analytical skills, Problem solving and Interpersonal skills

- Working knowledge and experience with MS office with proficiency in Excel

- 24/7 monitoring experience

- Experience in siem content management

- Experience in next gen firewall management

- Experience in vulnerability management

- Experience in cloud security management

- Hand on experience in running SOCs

Educational Qualifications:

- BE-IT / B Tech /Comps

- CEH

- Additionally one more certification in information security domain.

- CISSP

- PMP

- GCIH

- GSEC

Roles and Responsibilities:

- Lead and manage Security Operations Center, with 24/ 7 operations

- Primarily responsible for security event monitoring, management and response

- Team management, shift allocation and management

- Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring

- Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives

- Revise and develop processes to strengthen the current Security Operations Framework, - Review policies and highlight the challenges in managing SLAs

- Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Center

- Management, administration & maintenance of security devices under the purview of ITRC which consists of state-of-the art technologies

- Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring

- Responsible for integration of standard and non-standard logs in SIEM

- Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt.

- Co-ordination with stakeholders, build and maintain positive working relationships with them