52 JOB VIEWS | 10 APPLICATIONS | 2 RECRUITER ACTIONS

Posted in: IT & Systems

Job Code: 1365853

Manager - Cyber Defense Center

8 - 9 Years. Bangalore
Posted 3 months ago

MANAGER - CYBER DEFENSE CENTER

- Manage the 24 X 7 X 36 Cyber Security operations team in MGS, Bangalore: security monitoring, incident detection, event triage, and incident escalation.

- Manage processes linked to intrusion monitoring, detection, triage, investigation, notification, and escalation activities.

- Monitor threat monitoring data and formalize a response for each incident.

- Provide subject matter expertise on Cyber Security, participate in Information Security strategies, and evaluate new solutions for implementation as and when needed.

- Monitor the bank's threat landscape, including mitigation plans, effective monitoring, and reporting. Act as the contact point in case of an incident, managing it from detection to closure and post-incident analysis.

- Communicate appropriately with all concerned stakeholders to prevent further damage due to an incident.

- Threat Hunting and Advanced Threat Management will be the primary focus of this role, along with in-depth investigation of and support for incidents escalated from the SOC.

- Carry out containment of cyber-attacks in order to prevent further infections.

- Assess the contractual and legal impact of a cyber security incident.

- Provide a scene / fieldwork response to digital investigations, from the case strategy through to the investigation of recovered digital media.

- Owning the Major Security Incident process and driving Major Security Incidents when they happen will also be one of the key responsibilities.

- Strong knowledge of malware analysis would be a plus, along with the ability to conduct detailed analysis of various security-related events such as Phishing, Malware, DoS/DDoS, Application-specific Attacks, Ransomware, etc.

- Form visualizations of cyber-attacks and propose remedial steps based on the attack patterns.

- Provide day-to-day management and oversight of Tier I and Tier II SOC teams.

- Evaluate existing SIEM rules, filters, events, incidents, and use cases and implement appropriate processes and technology tools to meet business requirements.

- Act as an ArcSight or Sentinel enterprise subject matter expert.

- Cloud and Digital Ecosystem, Microservices and Open API Framework, Blockchain-related technology

- Enterprise Infrastructure, Business Technology, and related Applications

- Security frameworks such as NESA, CIS, NIST, SOC2, ISO

- Ability to perform issue analysis and root-cause analysis of all problems.

- Ability to prepare root cause analysis and devise solutions for problem remediation.

- Implement and effectively manage change for new solutions or corrective actions.

- Deep understanding of the IS ecosystem to prepare business impact assessments for all problems.

- Responsible for validating any proposed security solutions to mitigate cloud and digital risks and risks to on-prem IT infrastructure.

- Develop and maintain key security metrics related to Cyber Defense management.

- Conduct PoCs of relevant Cyber Security solutions/technologies and document findings and suggestions for further evaluation.

- Participate in Security Reference Architecture for Mashreq's IS platforms.

- Ability to work with peers and shift officers with minimal supervision.

- Contribute to policy preparation, regulation applicability, scoping, and control decisions.

- Prepare Cybersecurity controls design for IS solutions.

Knowledge, Skills and Experience:

- Graduate/ Post Graduate degree in Science/ Engineering/ IT

- Minimum 1 certification from CISSP, CISM, CISA, CEH, GCED, GCIA, CCSK, Azure Security.

- Working experience in Threat Intelligence research and analysis.

- Experience with malware analysis and log monitoring in cloud environments such as Azure.

- Detailed analysis of security incidents and RCA identification.

- Provide recommendations for resolution and coordinate with the platform owners.

- Support the incident response team with incident management.

- Handle incidents escalated by Sr. Security Analysts.

- Experience creating SOPs and use cases for the Analyst team working in the cyber defense center.

- Experience generating standard and custom reports for the Security Operations Center.

- Experience integrating data feeds into a SIEM tool.

- Research new threats and IOCs and build mitigating steps for them.

- Perform ongoing fine-tuning of the SIEM to optimize resource utilization.

- Recommend use cases based on log analysis and report analysis.

- 8+ years of Information Security experience, with a minimum of 4 years' experience working in a Security Operations Center / Cyber Defense monitoring.

Note- We are only looking for DIVERSITY Candidates.
