RESPONSIBILITIES
- The person in this role is expected to bring rich techno-managerial experience in cyber security operations, provide thought leadership, and roll up their sleeves to work alongside the team, guiding it toward effective incident management.
- Owns the end-to-end Incident Management process and tracks the Key Performance Indicators (KPIs) and metrics that measure it.
- Leads cyber incident notification, containment, investigation, remediation, and communication, and coordinates with external investigators/specialists during major incidents.
- Participates in discussions on SOC capability projects and services to ensure appropriate integration of technology and use-cases. Applies current, in-depth knowledge of SOC technologies across platforms to effective monitoring, alert triage, and incident management.
- Manages stakeholder and vendor partner relationships and maintains a clear RACI with them for effective support and service delivery in incident management.
- Is a strong leader and coach to the team, and communicates complex cyber matters confidently and effectively to senior stakeholders in plain language.
KEY REQUIREMENTS (Education, Work Experience & Skills)
MANDATORY
- Hands-on experience with SOC technologies: SIEM, EDR/XDR, SOAR.
- Hands-on experience in malware analysis, forensics, and network security.
- Minimum 12 years of enterprise experience in a global SOC (Security Operations Centre) environment, with a minimum of 5 years of people management experience.
- Strong ethics and values, and excellent communication skills.
- Working knowledge of at least one scripting language: Python, Perl, or PowerShell.
- GIAC certification: GCFE, GCFA, GREM, GNFA, GCIA, or GMON.
- Certification in Azure, AWS, or GCP security.