MANAGER - CYBER DEFENSE CENTER
- Manage the 24 x 7 x 365 Cyber Security operations team in MGS, Bangalore: security monitoring, incident detection, event triage, and incident escalation.
- Managed processes linked to intrusion monitoring, detection, triage, investigation, and notification and escalation activities.
- Monitor threat monitoring data and formalize the response to each incident.
- Provide subject matter expertise on Cyber Security, participate in Information Security strategies, and evaluate new solutions for implementation as and when needed.
- Monitor the bank's threat landscape, including mitigation plans, effective monitoring and reporting. Be the contact point in case of an incident and manage the incident from detection to closure and post-incident analysis.
- Communicate in an appropriate way with all concerned stakeholders to prevent further damage due to an incident.
- Threat Hunting and Advanced Threat Management will be the primary focus of this role, along with in-depth investigation of and support for incidents escalated from the SOC.
- Carry out containment of cyber-attacks in order to prevent further infections.
- Assess the contractual and legal impact of a cyber security incident.
- Provide a scene / fieldwork response to digital investigations from the case strategy through to the investigation into recovered digital media.
- Owning the Major Security Incident process and driving a Major Security Incident when it happens will also be one of the key responsibilities.
- Strong knowledge of malware analysis would be a plus, as would the ability to conduct detailed analysis of various security-related events such as Phishing, Malware, DoS/DDoS, Application-specific Attacks, Ransomware, etc.
- Form visualizations about the cyber-attacks and propose remedial steps based on the attack patterns.
- Provide day to day management and oversight of Tier I and Tier II SOC Teams
- Evaluate existing SIEM rules, filters, events, incidents, and use cases and implement appropriate processes and technology tools to meet business requirements.
- Act as an ArcSight or Sentinel enterprise subject matter expert.
- Cloud and Digital Ecosystem, Microservices and Open API Framework, Blockchain-related technology
- Enterprise Infrastructure, Business Technology, and related Application
- Security frameworks such as NESA, CIS, NIST, SOC2, ISO
- Ability to perform issue analysis and root cause identification for all problems
- Ability to prepare root cause analysis and devise solutions for problem remediation.
- Implementation and effective change management for new solutions or corrective actions
- Deep understanding of the IS ecosystem to prepare the business impact for all problems
- Responsible for validating any proposed security solutions to mitigate cloud/digital risks and on-prem IT infrastructure risks
- Develops and Maintains key security metrics related to Cyber Defense management
- Conducts PoCs of relevant Cyber Security solutions/technologies and documents findings and suggestions for further evaluation
- Participates in the Security Reference Architecture for Mashreq's IS platforms
- Ability to work with peers and shift officers with minimal supervision
- Contributes to policy preparation, regulation applicability, scoping and control decisions.
- Prepares Cybersecurity controls design for IS solutions
Knowledge, Skills and Experience:
- Graduate/ Post Graduate degree in Science/ Engineering/ IT
- Minimum of one certification from: CISSP, CISM, CISA, CEH, GCED, GCIA, CCSK, Azure Security.
- Working experience on Threat Intelligence research and analysis
- Experience with malware analysis and log monitoring in cloud environments such as Azure
- Detailed analysis of security incidents and RCA identification.
- Provide recommendations for resolution and coordinate with the platform owners.
- Support incident response team for the incident management.
- Handle incidents escalated by Senior Security Analysts
- Experience creating SOPs and use cases for the Analyst team working in the Cyber Defense Center
- Experience generating standard and custom reports for Security Operations Center
- Experience integrating data feeds into the SIEM tool.
- Research new threats and IOCs and build mitigating steps for them.
- Perform ongoing fine-tuning of the SIEM to optimize resource utilization.
- Recommend use cases based on log analysis and report analysis
- 8+ years of Information Security experience, with a minimum of 4 years working in a Security Operations Center / Cyber Defense monitoring.
Note: We are only looking for DIVERSITY candidates.