Consultant at Mahindra and Mahindra Ltd
Mahindra & Mahindra - SOC Lead - IT Security (15-18 yrs)
IT Security- SOC Lead
1. Reviewing current system security measures and recommending and implementing enhancements to the organization's technology and IT systems for proactive monitoring and incident control.
2. Developing timelines for ongoing system upgrades; understanding of hardware and software life-cycle management.
3. Planning, researching, and designing security architectures; team management. Fulfilling customers' audit, security, and DR/business continuity requirements, and coordinating with stakeholders and other delivery practices to address, follow up on, and resolve security issues as part of the escalation matrix and process in customer delivery.
4. Extensive experience in information security with a focus on security, performance, and reliability.
5. Solid understanding of security protocols, cryptography, authentication, and authorization.
6. Good working knowledge of current threat vectors and IT risks, and experience implementing security solutions.
7. Basic knowledge of endpoints, LANs, WANs, VPNs, routers, firewalls, and related network security devices and controls.
8. Experience rolling out multiple security products and understanding of logs.
9. Hands-on experience with SIEM, UEBA, data classification and categorization tools, and SOAR tools, including dashboard/report management and activity tracking.
10. Knowledge of playbooks, scripting languages, and correlation tools and techniques.
11. Receives incidents and performs deep analysis; correlates with threat intelligence to identify the threat actor, the nature of the attack, and the systems or data affected. Defines and executes the strategy for containment, remediation, and recovery.
12. Day-to-day, conducts vulnerability assessments and penetration tests, and reviews alerts, industry news, threat intelligence, and security data. Actively hunts for threats that have made their way into the network, as well as unknown vulnerabilities and security gaps. When a major incident occurs, teams with the Tier 2 Analyst in responding to and containing it.
13. Responding quickly and effectively to all security incidents, providing support to in-house teams, and participating in escalations.
14. Monitoring and guiding the security team, cultivating a sense of security awareness, and arranging for continuous education.
15. Remaining up to date with the latest security systems, standards, authentication protocols, and products.
16. Responsible for hiring and training SOC staff and in charge of defensive and offensive strategy. Manages resources, priorities, and projects, and manages the team directly when responding to business-critical security incidents. The organization's point of contact for security incidents, compliance, and other security-related issues.
17. Directs the functions, processes, and operations of the SOC and ensures policies and procedures are followed.
18. Leads the 24x7 operations of the SOC to ensure optimal identification and resolution of security incidents and to enhance security.
19. Ability to interact with cross-domain personnel to explain and enforce security measures and to ensure SLA compliance, process adherence, and process improvement to meet operational objectives.
20. Manages the collection, documentation, and research of security incidents received via the SOC, and provides a realistic overview of risks and threats in the enterprise environment.
21. Develops and maintains an incident response management program that includes incident detection, analysis, containment, eradication, recovery, and the chain of evidence / forensic artefacts required for additional investigations.
22. Creates reports, dashboards, and metrics for SOC operations and presents them to management.
23. Manages the process improvement program for SOC processes.
24. Conducts scheduled and ad hoc training exercises to ensure staff are current with the latest threats and incident response techniques.
25. Provides direction, leadership, and management of SOC personnel.
26. Establishes performance goals and priorities.
27. Administers performance reviews for SOC personnel.
28. Hands-on experience in malware analysis (including reversing malware) and response.
29. Works with the customer and stakeholders to develop and maintain security plans, procedures, and other documentation as required.
30. Works with various delivery teams to ensure the toolsets used to detect infrastructure security events are deployed on all necessary platforms.
31. Develops and plans the necessary technology asset roadmap and direction.
32. Constantly reviews existing methods and approaches, addressing any communication or process gaps.
Education Qualifications: BE/B.Tech or equivalent
1. Experience in the security domain and related certifications (such as ITIL, CISM, ISO 27001 LA, CEH, CISSP) or equivalent knowledge.
2. Must have good knowledge of at least two of: server, network, application.
3. Hands-on experience and basic knowledge required of: firewall, IPS, VPN gateway, e-mail security, Web Application Firewall (WAF), Mobile Application Management (MAM/MDM), Network Access Control (NAC), forward/reverse proxy, Data Loss Prevention (DLP), Two-Factor Authentication (2FA), and other security solutions.
4. General: team player able to lead a team, positive attitude, good communication, self-motivated.
General Experience: 15 to 18 years (not a constraint for the right candidate)
Primary Skills (Functional):
- Hands-on experience and basic knowledge required of: SIEM tools (DNIF, ArcSight, QRadar, etc.), AI/ML, UEBA tools (LogRhythm, Cynet, Splunk, etc.)
- Must have good knowledge of server/network/application across multiple OS platforms; alert investigation, incident response, threat hunting
- Team management
- Scripting tools
- Experience in the security domain and related certifications (such as ITIL, CISM, ISO 27001 LA, CEH, CISSP)
Secondary Skills (Functional):
- Experience in the security domain and related certifications (such as ITIL, CISM, ISO 27001 LA, CEH, CISSP)
Behavioral Competencies/Skills:
- Team player able to lead a team, positive attitude
- Good communication, self-motivated