Director - Managed Security Services/Delivery & Operations

Managed Security Services, Delivery & Operations

The Head (Managed Security Services) is in charge of the Security services delivery and operations. He/She would provide management, leadership and strategic direction to the security services from delivery & assurance perspective.

Responsibilities

This technical position is responsible for delivery & assurance of managed security services offered.

Responsible for Security Operations Centers at 5 locations globally to provide monitoring, investigation and response to security incidents impacting customers IT infrastructure.

Responsible for creation of processes and procedures, technical documentation for customer projects.

Provide mentorship to security Analysts in the team

Develop and oversee reporting that provide analytics and metrics for customers and internal tracking

Responsible for the successful execution of incident handling procedures as well as direct response to security incidents.

Maintain current knowledge of and recognize attacker tools, tactics, and procedures to produce indicators of compromise (IOCs) that can be utilized during active and future investigations.

Be a consultant to field solutions/sales engineering teams in defining the security roadmap/recommendation for customers

Collaborate in a diverse, multi-region, complex, cross-functional environment

Act as the liaison between Corporate Security Team and SOC services team to define and devise response procedures and to customers

Consult with Product and business development teams and provide inputs for product enhancements in line with the changed security vulnerabilities and business environment

Advise senior management of changes in the technical, legal and regulatory arenas affecting information security and computer crime.

Qualifications & Skillsets

Graduate engineer with 15-18+ years of experience with at least 5 years of full-time work experience in managing Security Operations in an MSSP.

Extensive knowledge of implementing and/or managing Security Information Event Management (SIEM) solutions (Arcsight, LogRhythm, Alien Vault, etc.)

Experience reviewing and correlating raw log files in a security capacity (SEIM, AV, IDS, Firewall, Servers, Database, etc.).

Exposure on intrusion tools and techniques and detection methods and common detection and prevention technologies such as AV, IDS/IPS, DLP, Proxy, Firewalls, etc.).

Security certifications required, such as CISSP, CISM, CEH, CompTIA, GSEC

Strong written and verbal skills; requires ability to communicate technical analysis to both technical and non-technical audiences.

Strong analytical skills and attention to details

Exposure on Governance, Risk & Compliance plans

Hands-on team leadership and management experience, ideally coupled with suitable management qualifications