TA at New Era India Consultants - En World
Manager/Senior Manager - Security Operations - Information Security (9-15 yrs)
We have this opportunity with one of the leading brands in the country. The work location shall be adjacent to Gurgaon.
The role involves working general shifts, with a commuting facility provided.
Responsible for conducting information security investigations arising from security incidents identified by the Level-1 and Level-2 security analysts. The candidate is expected to have a solid understanding of information security and computer systems concepts and hands-on knowledge of SIEM, and will act as a point of escalation for Level-2 SOC security analysts in support of information security investigations, providing guidance and oversight on incident resolution and containment techniques.
Job Description -
- Meeting with Customer and requirements gathering.
- Supported & non-supported log source integration.
- Rule Base & Log Source Reconciliation.
- Lead in Solution Designing & Optimization in Existing Setup.
- Handling the cases/incidents escalated by L1 & L2.
- 05 years' experience in use case development and USDM writing.
- Alert concerned stakeholders to intrusions, potential intrusions and compromises in their IT environment. Actively track and investigate the latest in security vulnerabilities, advisories, incidents, and penetration techniques, and notify those concerned when appropriate.
- Maintain SLA for all reported incidents and resolve them within the stipulated time.
- Configuration review of security devices, e.g. IPS, IDS, SIEM, firewall.
- Document actions in cases to effectively communicate information internally and to customers
- Respond to needs and questions of customers concerning their access to network resources through their managed device.
- Understanding of Incident Response framework and procedure
- Minimum 10 years of experience in Information Security, with 06-07 years of relevant experience in a security operations center (SOC).
- A relevant certification (GCIH, CEH, CHFI) will be an advantage and will be given preference.
- Experience with QRadar.
- Deep knowledge of common Internet protocols and Internet applications.
- Understanding of security controls and network architecture.
- Deep knowledge of SIEM tool configuration, deployment, administration, building use cases and maintaining an up-to-date configuration.
- Deep understanding of TCP/IP, network analysis and different types of logs.
- Deep understanding of tools like Wireshark, endpoint tools and incident response frameworks, and a good understanding of common hacking techniques.