Job description
- Lead 24x7x365 Security Operations Center team
- Establishes and assures adherence to schedules, work plans and performance requirements
- Ensures compliance to contractual obligations (e.g., SLAs, Deliverables, etc.)
- Manages the relationship with clients on a daily/weekly basis; coordinates activities, negotiates tasks, and solves problems
- Manages and mentors SOC Analysts/Leads and ensures their compliance with SOC policies, procedures, and work instructions
- Manages, measures, and reports on the activities and performance of the SOC team
- Works closely with Incident Response Teams to analyze and resolve security incidents
- Ensures that the network security services provided to customers implement protection goals and initiatives that meet and align with legal and regulatory requirements
- Identifies information security risk within the enterprise and recommends priorities for risk mitigation
- Provides technical leadership
- Updates SOC Policies and Procedures periodically.
- Assures quality of services and deliverables, including participating in reviews, audits, and site visits.
Job Requirements
- 9 years' experience in a SOC environment or Information Security Management, including at least 2 years managing a 24x7 SOC
- Experience managing a 24x7 shift staff
- Able to act as a SOC Lead and mentor SOC Analysts
- Experience in the containment and remediation of active Security Incidents
- Able to document and present after action reports to management
- Understand a variety of network protocols including TCP/IP, UDP, DHCP, FTP, SFTP, ATM, SNMP, SMTP, SSH, SSL, VPN, RDP, HTTP and HTTPS.
- Understanding of various cyber-attacks and recent hacking techniques
- Able to use vulnerability assessment data to pinpoint potential points of attack.
- Deep understanding of all Operating Systems, Virtualization technologies, Network Devices, Cloud computing concepts, Web Proxies, Firewalls, Intrusion Detection/Prevention Systems, Antivirus Systems, Data Loss Prevention, and Vulnerability Assessment tools (Nessus, Qualysguard, etc.)
- Understanding of Organization Security Architecture, ISMS Processes - ISO 27000 Standards
- Experience working with SIEM technologies; Splunk experience desired
- Exceptional information analysis abilities; ability to perform independent analysis and distill relevant findings and root cause.
- Strong Customer Management and decision-making skills.
- Strong oral and writing skills to articulate complex ideas clearly and effectively; experience creating and presenting documentation and management reports.
- Ability to manage multiple tasks, priorities, and operational assignments in a high-pressure environment.
Education & Certifications
- B.E./B.Tech./MCA or MS in Information Security
- CISSP / CISM
- GIAC Certified Intrusion Analyst or GIAC Certified Incident Handler
- CompTIA Security+, Cisco Certified Security Professional/Associate, CEH, ISO 27001 LI/LA
- Certifications in Splunk Security app/HP Arcsight/IBM Qradar or other SIEMs