NetEnrich - Practice Head - SOC

NetEnrich: A Better Way to Manage IT from the Closet to the Cloud NetEnrich( www.netenrich.com ) offers the IT channel a comprehensive suite of - Closet to Cloud- packaged services for remote IT infrastructure management and enterprise IT operations. The company's innovative Service Delivery Framework gives solution providers and MSPs instant access to a proprietary NetEnrich Service Gateway (NSG) and Agent technology platform which powers a highly secure ISO 27001 Network Operating Center (NOC) available 24x7x365 using ITIL-based Standard Operating Procedures (SOPs) and methodologies, for a better way to grow and scale an IT services business. Partners purchase NetEnrich services on a annual or monthly service contract to enhance or augment their IT operations, some choose to resell NetEnrich services directly to their end customers.

Roles and Responsibilities of Practice Head - SOC.

Implements security solutions (infrastructure and/or application) including the design, configuration, development, testing and deployment of security-related technologies such as Security Information & Event Monitoring (SIEM), Identity & Access Management, IDS/IPS, Data Loss Prevention, Digital Rights Management, Network Access Control

Experience in building Security Operations Center (SOC), developing processes, building Teams

Review the information and logs from various security systems on a day-to-day basis, like the firewalls, IPS/IDS device, SIEM, End-Point security and database logs

Examining malicious software, suspicious network activities, and non-authorized presence in the network to analyze the nature of the threat, and secure and monitor firewall configurations.

- Understand the specimen's attack capabilities, its pagation characteristics, and define signatures for detecting malware presence.

NETENRICH Provides technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, and security implementation. Responsible for designing and implementing solutions for protecting the confidentiality, integrity and availability of sensitive information.

Develops information security roadmaps, business cases and remediation plans;

Ensures that the Information Systems Security department's policies, procedures, and practices as well as other systems user groups are in compliance.

Conducts information security risk assessments and control selection activities

Design and implementation of security processes

Works with multiple customers and Develops information security strategies;

Monitors security systems, and analyzes potential threats and vulnerabilities to client systems.

Develops new computer and network security systems, including both hardware and software.

Coordinates technical incident response and remediation activities for client environments.

Provides security analysis and consultation services for product, system and network architecture designs.

Analyzes network traffic and alerts to assess, prioritize and differentiate between potential intrusion attempts and false alarms.

Analyzes security findings and data.

Offers internal management consultancy advice and practical assistance on information security risk and control matters throughout the organization and promotes the commercial advantages of managing information security risks more efficiently and effectively

Contributes towards the preparation and authorizes the implementation of necessary information security policies, standards, procedures and guidelines, in conjunction with the Security Committee.

NETENRICH Definition and development of security control designs including those required to support external regulations;

Contributes towards the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and applicable laws and regulations, such as PCI DSS.

Designs and executes information security awareness training and educational activities

Routine line management and leadership of staff within the Information Security Management function

Conducts activities relating to contingency planning, business continuity management and IT disaster recovery in conjunction with relevant functions and third parties

Assist with the due-diligence process for external and third-parties and providing the information as and when required by the clients

Reviewing the requests from users pertaining to security and providing the recommendations to Management

Assist with the proof-of-concepts and testing of new security software and tools being considered by the organization

Assist with the day-to-day audit of the servers and end-user systems to identify noncompliance and risks and working with the IT team in remediating the findings

Document the various IT security procedures, standards and guidelines and keeping various security documents current and up-to-date

Will require some on call support that can be done from home.

Provides technical evaluations of customer systems and assists with making security improvements.

NETENRICH Participates in design of information system contingency plans that maintain appropriate levels of protection and meet time requirements for minimizing operations impact to customer organization.

Conducts security product evaluations, and recommends.

Conducts testing and audit log reviews to evaluate the effectiveness.