27/05 Vinay Chanodkar
Deputy Manager at SkillVentory - A Leading Talent Research Firm


Senior Manager - MDR Architect - IT Security (15-23 yrs)

Chennai Job Code: 1101725

Mandatory skills / preferred skills - MDR / SIEM / Threat Hunting / Threat Defence. Candidates who have worked on SIEM threat-related work are preferred.

Managed Detection & Response (MDR) Engineering - Team Lead.

You will lead the managed detection & response engineering team, providing direction and thought leadership for the MSSP MDR portfolio. Key responsibilities include architectural enhancements, content and value creation addressing evolving threat vectors, new platform deployments, capacity management, threat research, threat intelligence and hunting, and performing customer POCs/demonstrations to prove the POV. Additional responsibilities include providing L4 support for the cross-functional teams covering the SOC, delivery and solutions groups.

Roles & Responsibilities:

- Lead a team of experts in SIEM, SOAR, Analytics, EDR, Threat Intelligence and Threat Hunting, providing them direction to enhance the current services and connect them to the bigger picture of MDR.

- Lead a group of resources to perform threat research and advisory, and to derive detection use cases, models and hunting queries based on evolving threat vectors.

- Perform design & architecture of the MDR building blocks, namely SIEM, Analytics, SOAR, CTI, EDR, Threat Intelligence and Threat Hunting.

- Perform technical evaluation of new components in the MDR building blocks and create services out of them in a way that can be consumed by the cross-functional teams.

- Deploy new platforms in the multiple locations where we decide to run a SOC.

- Manage capacity effectively by balancing incoming log flow against the backend capacity available to support the services.

- Continuously enhance the detection content, including SIEM use cases, SOAR playbooks, threat hunting queries and analytics models.

- Provide detailed inputs to the development teams for the customer services portal, which provides MDR dashboards, reports, and log & event search options to customers.

- Engage with the SOC on major attack investigations and provide expert guidance on containment, eradication and recovery.

- Support solution teams in customer conversations for highly complex asks; perform POCs/demonstrations to prove value.

- Attend industry conferences and webinars, and bring an external view into the improvement of the services delivered to customers.

Skills required:

- Around 15 years of experience in security, with at least 10 years in threat management. Excellent communication skills for stakeholder management.

- Strong and deep understanding of evolving threat vectors and the attack surface, and of building detection logic for them.

- Solid understanding of the MITRE ATT&CK framework and its application to detection.

- Solid understanding of correlation, security analytics, incident investigation and response.

- Extensive hands-on skills in at least one SIEM technology preferred.

- Understanding of threat intelligence. Experience in building a threat intelligence aggregator or platform is preferred. Good understanding of dark/deep web analysis.

- Experience in using the Diamond Model to perform incident investigation; hands-on knowledge of threat hunting queries.

- Good fundamentals in systems and networks to support platform design and threat hunting.

- Certifications such as SANS CTI, SIEM vendor certifications and incident response certifications preferred.

- Additional certifications could be CISSP, CEH.

Women-friendly workplace:

Maternity and Paternity Benefits
