The role covers an effective, intelligence-led 24×7 Cyber Security Operations function that performs security monitoring, incident response, data loss prevention, vulnerability management, threat intelligence and threat hunting.
This includes enhancing the incident response life cycle, security tools, SOAR playbooks, IR runbooks and the security processes that support daily security operations.
A key mandate is to create, manage and develop the roadmap and plans for Cyber Operations, driving continuous improvement in maturity and capability as well as the implementation of new technology enhancements that support Cyber Operations. You will also define the operational and efficacy metrics by which success is measured.
You will provide effective cyber security monitoring and timely response to security events and incidents. As the role requires you to lead the response to and investigation of cyber security incidents and threats, you will be the incident response manager who triages and manages all cyber security incidents across the enterprise. In addition, you will help build and enhance the enterprise's detection, response and recovery security functions.
This is a hands-on role: you will use and understand the common data available from security tools, including Log Management, Security Information and Event Management (SIEM), firewalls, intrusion prevention systems, Anti-Virus, Privileged Access Management and Data Loss Prevention (DLP) systems.
As the team's leader, you need to stay abreast of the threat landscape by monitoring and researching OSINT and related intelligence.
The ideal profile should have / be:
- Degree/Diploma or higher in Computer Science, Information Systems or equivalent
- At least one security certification is preferred, such as Certified Information Security Management (CISM) or any SANS GIAC security certification.
- At least 5 years of experience in Cyber Security Operations, Incident Response, Threat Intelligence or Vulnerability Management.
- Proven track record in establishing and managing a cyber managed service operation.
In-depth knowledge of:
- incident response planning, in-depth intrusion detection, adversary tactics, techniques and procedures (TTPs), and vulnerability management.
- the threat intelligence lifecycle, threat hunting methodology, the cyber kill chain and the MITRE ATT&CK framework.
- Log Management, Security Information and Event Management (SIEM) and Data Loss Prevention (DLP) systems.
- Excellent communication skills and the ability to work well at all levels.
Required Skill Sets
- Security Management/ SIEM/ Incident management
Min Experience in years: 5 Years
Max Experience in years: 12 Years
Recruiter's Name (Full Name): Bharat Nagar
Recruiter's contact number: 6531632420