L3Project Manager Technical
Location: Navi Mumbai
Experience: Minimum 5 Years in Information Security & Security Operations domain
Technologies: DAM, SOAR, EUBA, SIEM (Splunk), NBAD, PCAP, SBDL (Splunk), Vulnerability Management
Responsibilities:
- Integrate respective solution / technology with every other solution / technology deployed in the SOC setup
- Automation of all L1 & L2 activities
- Collaborate closely with Technical Account Manager (TAM)and engineering division of the respective OEM for early resolution to the product level cases, vulnerabilities, bugs, features enhancement, patches, versions etc.
- Single point of contact to the Banks stakeholders with respective OEM
- Maintain the suitable architecture of the technology solution
- Perform threat modelling of the Banks assets and accordingly define the necessary use cases
- Execute Major changes without any disruption and adverse impact.
- Continuously deliver the value of solution to the Banking terms of detecting all kind threats, accuracy
of detection, value added use cases and content development etc.
- Improvise threat hunting capabilities of the technology
- Continuous development of analytical, statistical, mathematical models leveraging AI/ML capabilities of the technology to threat detection and prediction capabilities and put in place advanced use cases
- Continuous fine tuning of configuration, rules, policies etc.
- Continuous innovation and automations in intuitive dashboards, report, queries.
- Optimization of response time to fetch data, logs in advanced queries, reports, dashboards etc.
- Closely collaborate with onsite team of bidder and other SOC OEMs to leverage each technologies capabilities to develop inter-SOC and inter-IT Infrastructure technologies& services, logs, data ingestion, correlation, alerting etc. and automation
- Ensure logs ingestion from SBDL automation of incident, vulnerability etc. remediation through SOAR
- Threat Intel feed analysis, provide appropriate recommendations, define use cases to detect the threats according to the information provided in Threat intel
- Troubleshooting the technology level issues to ensure uptime, health, efficiency and optimal utilization of the technology without WebEx / RDP / SSH / remote system level support from offsite subject matter experts.
- Close the vulnerabilities, apply security & enhancement patches, upgrade versions.
- Ensure DC & DR set upsareinsynconreal-time basis in every manner.
- Participate in DR, cyber, tabletop drills etc.
- Responsible for ensuring end to end tight integration of the Banks IT Assets, other SOC solutions, Applications etc.
- Provide management report on respective solutions effectiveness
- Provide necessary support during the Forensics investigation and threat hunting
- Perform continuous assessment of respective solution maturity against global standards and fine tune the configuration parameters, technical policies, rules, algorithms accordingly.
- Prepare road map for product maturity and enhancements plan and ensure the recommended featured deliver within the agreed times.
- Provide on the job training to the officials of the Bank and bidder through structured and unstructured methods. Assess job knowledge of officials.
- Participate in meetings, discussions etc. to provide technology specific perspective. Make presentations on the current technology capabilities, use cases, automation done etc. and current and future enhancements / roadmap etc.
- Work at SOC as per Banks working calendar & hours and on holidays if situation demands.
- Above is illustrative list of general activities. Technology specific activities shall be arrived at in consultation with the Project Manager of the bidder and / or TAM of respective OEM.
Education: BE, B Tech, BSC-IT, MCA, BCA in IT / Computer / Electronics & Telecom or related field
Certifications:
OEM Certification: Recommended Splunk Core Certified Consultant
Industry Certification: CEH/CHFI/GSEC/GMON/ITIL or any equivalent Security Certification
Mandatory Certification: CISA/CISSP/OSCP/OSCP/ GPYC/GREM etc.
Didn’t find the job appropriate? Report this Job