Project Manager - Technical

L3Project Manager Technical

Location: Navi Mumbai

Experience: Minimum 5 Years in Information Security & Security Operations domain

Technologies: DAM, SOAR, EUBA, SIEM (Splunk), NBAD, PCAP, SBDL (Splunk), Vulnerability Management

Responsibilities:

- Integrate respective solution / technology with every other solution / technology deployed in the SOC setup

- Automation of all L1 & L2 activities

- Collaborate closely with Technical Account Manager (TAM)and engineering division of the respective OEM for early resolution to the product level cases, vulnerabilities, bugs, features enhancement, patches, versions etc.

- Single point of contact to the Banks stakeholders with respective OEM

- Maintain the suitable architecture of the technology solution

- Perform threat modelling of the Banks assets and accordingly define the necessary use cases

- Execute Major changes without any disruption and adverse impact.

- Continuously deliver the value of solution to the Banking terms of detecting all kind threats, accuracy

of detection, value added use cases and content development etc.

- Improvise threat hunting capabilities of the technology

- Continuous development of analytical, statistical, mathematical models leveraging AI/ML capabilities of the technology to threat detection and prediction capabilities and put in place advanced use cases

- Continuous fine tuning of configuration, rules, policies etc.

- Continuous innovation and automations in intuitive dashboards, report, queries.

- Optimization of response time to fetch data, logs in advanced queries, reports, dashboards etc.

- Closely collaborate with onsite team of bidder and other SOC OEMs to leverage each technologies capabilities to develop inter-SOC and inter-IT Infrastructure technologies& services, logs, data ingestion, correlation, alerting etc. and automation

- Ensure logs ingestion from SBDL automation of incident, vulnerability etc. remediation through SOAR

- Threat Intel feed analysis, provide appropriate recommendations, define use cases to detect the threats according to the information provided in Threat intel

- Troubleshooting the technology level issues to ensure uptime, health, efficiency and optimal utilization of the technology without WebEx / RDP / SSH / remote system level support from offsite subject matter experts.

- Close the vulnerabilities, apply security & enhancement patches, upgrade versions.

- Ensure DC & DR set upsareinsynconreal-time basis in every manner.

- Participate in DR, cyber, tabletop drills etc.

- Responsible for ensuring end to end tight integration of the Banks IT Assets, other SOC solutions, Applications etc.

- Provide management report on respective solutions effectiveness

- Provide necessary support during the Forensics investigation and threat hunting

- Perform continuous assessment of respective solution maturity against global standards and fine tune the configuration parameters, technical policies, rules, algorithms accordingly.

- Prepare road map for product maturity and enhancements plan and ensure the recommended featured deliver within the agreed times.

- Provide on the job training to the officials of the Bank and bidder through structured and unstructured methods. Assess job knowledge of officials.

- Participate in meetings, discussions etc. to provide technology specific perspective. Make presentations on the current technology capabilities, use cases, automation done etc. and current and future enhancements / roadmap etc.

- Work at SOC as per Banks working calendar & hours and on holidays if situation demands.

- Above is illustrative list of general activities. Technology specific activities shall be arrived at in consultation with the Project Manager of the bidder and / or TAM of respective OEM.

Education: BE, B Tech, BSC-IT, MCA, BCA in IT / Computer / Electronics & Telecom or related field

Certifications:

OEM Certification: Recommended Splunk Core Certified Consultant

Industry Certification: CEH/CHFI/GSEC/GMON/ITIL or any equivalent Security Certification

Mandatory Certification: CISA/CISSP/OSCP/OSCP/ GPYC/GREM etc.