Reporting Structure

• Reports to AVP – Security Operations Centre

Education

• University degree in the field of computer science or IT.

Experience/ Qualifications

• 2-3 years of working experience in a security operations centre.
• Strong knowledge of incident management, problem management and change management best practices
• A high level understanding of multi-tiered applications, load balancing and firewalls
• Knowledge of network security, intrusion prevention system, System information and event management (SIEM), integrating servers/ devices/ application with SIEM, co-relation rules creation
• Knowledge of WAF, PIM, DAM and Vulnerability assessments would be an added advantage

Industry

• Information technology

Responsibilities

• Incident Management for Security Operations Center.
• Review alerts raised by the SIEM, analyze the events and classify them
• Ensure tickets are logged in the IT ticketing system
• Follow up on closure of the tickets with the relevant stakeholders
• Report on exceptions, highlight delays in incident closure
• Assist in developing SOC vision, align to business, and build a roadmap to achieve it. 
• Ensure that all servers, key applications, networking devices, security devices are integrated to SOC.
• Ensure that all attacks on RBI information system are detected and managed

Industry Certifications

• Technology vendor certifications added advantage (Cisco/Checkpoint/RSA/IBM/HP etc.)
• Industry standard frameworks (ITIL/ISO/NIST/PCI-DSS)