SOC Lead - Cyber Security

Responsibilities

1. Experience 5-10 Years in SOC 
2. Sentinel SIEM administration and operation management
3. Custom/unsupported devices integration with Sentinel SIEM and use cases creation
4. Content creation on SIEM to cover all stage of MITRE.
5. Design, develop, monitor, adhere to various SLAs/KPIs/KRIs applicable to Security Operations Centre.
6. Creation of customized reports and dashboards for presentation to various stakeholders.
7. Identify and address technical or operational risks.
8. SIEM and other security platform performance and capacity management
9. Technical depth in one or more specialties including: Malware analysis, Host analysis and Digital forensics.
10. Strong understanding of Security Operations and Incident Response process and practices
11. Experience performing security monitoring, response capabilities, log analysis and forensic tools.
12. Strong understanding of operating systems including Windows, Linux and OSX
13. Experience with SIEM, SOAR, EDR, Network, AWS, and Azure security tools
14. Experience with IR and Forensic investigations within Cloud environments such as AWS and Azure
15. Experience with one or more scripting languages (PowerShell, Python, Bash, etc.)
16. Excellent critical thinking and analytical skills, organizational skills, and the ability to work as part of a team.
17. Excellent verbal and written communication skills
18. Should be comfortable to be part of 24*7 SOC services.

Qualifications

• Bachelor’s degree relevant to Information Technology, Computer Science/Engineering (or equivalent).
• Advanced interpersonal skills to effectively promote ideas and collaboration at various levels of the organization
• One or more security-related certifications from any of the following organizations: SANS - [GCIH, GCFE, GCFA], AWS, Azure Cloud security Certifications or equivalent are desired