- 5+ years of experience in Security Operations Centre, SIEM implementation and operation rollout
- Must have hands-on experience in implementing, managing and reviewing a Security Operations Centre
- Must understand network and security architecture, log correlation, and setting up and reviewing SIEM event rules
- Technically sound, with good experience in OS, database, network and web security and in cyber security control assessment
- In-depth Security Incident Management experience
- Experience in conducting and participating in internal/external audits such as regulator, client and partner audits
- Ability to work independently or as part of a team
- Excellent written, oral communication and presentation skills
- Excellent organizational and interpersonal skills
- Assess the SOC implementation and monitoring to identify critical issues that may affect the risk posture of the organizational information assets.
- Assess SOC implementation and monitoring against various industry maturity and capability assessment models.
- Assess the SOC's role in the various phases of the NIST Cyber Security Framework and in Red Team / Blue Team exercises.
- Evaluate KPIs and related metrics for the SOC.
- Review VAPT reports and identify observations.
- Develop and maintain audit checklist and documents.
- Audit information technology systems and infrastructure to verify that systems are secure and support the related applications or business processes.
- Audit network designs, change management, patch management, incident management, backup management processes, firewall rule reviews and user access.
- Audit information security processes such as security event monitoring and resolution, incident response and vulnerability assessment.
- Audit the implementation of systems and network architecture, including micro-segmentation, SDN, cloud security, wireless security, etc.
- Develop project plans and work programs, evaluate system controls, document results, make recommendations and communicate information to stakeholders.
- Identify and draft thought leadership articles pertaining to SOC processes, security incident handling and SOAR (Security Orchestration, Automation and Response).
- Research the public domain to keep knowledge up to date on the latest technologies such as next-generation SIEM, SOAR, user behaviour analysis, deception technologies, cloud security, IoT, Software Defined Networking (SDN), etc.
- Should be a self-learner and must keep up to date with the latest researched/discovered threats and vulnerabilities.
- Candidate should be willing to travel extensively within Mumbai and across the country for performing audits.