Head - Security Operations with a renowned Telecom Company
Roles/Responsibilities
- Managing Enterprise SOC - 24/7 Monitoring & Security Incident Management
- Responsible for managing the Global Security Operations team and the SOCs located in India and the US, which provide 24/7 monitoring for threat detection and incident response (SIEM, CASB, PAM, EPP/EDR, Endpoint DLP, Cyber Threat Intel)
- Cyber Threat Intelligence and CVE analysis: mapping applicability, tracking IOCs for proactive action, and driving mitigation actions.
- Responsible for sharing threat analysis reports on critical threat campaigns and for the continual operationalization of Threat Hunting.
- Responsible for Security Incident Management: investigation and analysis of incidents and initiation of containment and prevention actions. Submission of incident investigation reports to the CISO.
- Defining Security Operations processes, procedures, and incident playbooks
- Continuous improvement of SOC processes, operationalization of monitoring for new security solutions, and initiation of automation (SOAR) of response actions to speed up containment measures.
- Active engagement in the evaluation and testing of new security technologies, providing operations feedback to optimize rules and policies
- Timely response to Government / Regulatory queries with the required details.
- Responsible for AUP enforcement towards customers for violations observed from customer-allocated IP ranges.
- Play an advisory role in assisting the customer-facing SOC team in streamlining and aligning its practices with those of the Enterprise SOC, with a regular cadence for sharing best practices between the other SOCs in the organization.
- Active engagement in and leadership of the team for the SIEM migration project, including the successful transition of use cases and SOAR playbooks from the Security Operations perspective.
- Managing cyber threat intel and brand monitoring operations and the incident handling process.
- Mentoring the team on incident analysis skills and Threat Hunting approaches, and guiding the streamlining of various processes.
Regulatory Compliance
- Responsible for implementation of, and compliance with, Regulatory (DoT & NSA) security requirements related to security monitoring and incident handling.
- Demonstrate compliance with the security operations and incident management requirements of various information security standards and regulatory security requirements during audits conducted by the respective agencies.
Security Awareness Initiatives
- Responsible for managing the annual Infosec awareness project, comprising various programs, and driving its rollout within the timeframe.
- Regular security awareness emails to all users as appropriate
Access Management Operations
- Responsible for managing Access Management team operations, which cover the workflow approval process, QAR, SOD, and access reconciliation
Audits
- Good working knowledge in supporting ISO 27001:2013 implementation and certification audit requirements from the Security Operations standpoint.
- Demonstrate and support various audit requirements - Statutory, Regulatory, PCI DSS, ISO 27001, etc.
Others
- Support the CISO in preparing reports and metrics
- CISO budget planning and management
- Active representation in various organization-level initiatives, contributing measures from the security point of view