- Reports to AVP – Security Operations Centre
- University degree in the field of computer science or IT.
- 2-3 years of working experience in a security operations centre.
- Strong knowledge of incident management, problem management and change management best practices
- A high-level understanding of multi-tiered applications, load balancing and firewalls
- Knowledge of network security, intrusion prevention systems, Security information and event management (SIEM), integrating servers/devices/applications with SIEM, and correlation rule creation
- Knowledge of WAF, PIM, DAM and Vulnerability assessments would be an added advantage
- Incident Management for Security Operations Center.
- Review alerts raised by the SIEM, analyze the events and classify them
- Ensure tickets are logged in the IT ticketing system
- Follow up on closure of the tickets with the relevant stakeholders
- Report on exceptions, highlight delays in incident closure
- Assist in developing SOC vision, align to business, and build a roadmap to achieve it.
- Ensure that all servers, key applications, networking devices and security devices are integrated with the SOC.
- Ensure that all attacks on RBI information system are detected and managed
- Technology vendor certifications are an added advantage (Cisco/Checkpoint/RSA/IBM/HP etc.)
- Industry-standard frameworks (ITIL/ISO/NIST/PCI-DSS)