- Experience in global delivery operations support model (e.g. 24*7/16*8).
- Primarily responsible for security event monitoring, management and response of MSSP clients.
- Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
- Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives.
- Revise and develop processes to strengthen the current Security Operations framework, Review policies and highlight the challenges in managing SLAs.
- Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Centre.
- Should have experience in developing SOC documents like SLA, Service Schedule, SMF etc.
- Should have managed a team of at least 8 to 10 professional which includes performance management.
- Should have experience in mentoring professionals with technical subject matter as well as professional growth.
- Should have experience in service delivery capacity planning, resource management and service level optimization.
- Should have experience in establishing and managing quality processes and measurement metrics (KPIs) for information security operational services.
- Should have good knowledge of industry standard service delivery and management process frameworks such as ITIL.
- Should have experience in leading IT security operational meetings with key internal and client stakeholders e.g. participation in CAB meetings, Periodic IT security operational meetings etc.
- Should have experience in leading security incident response and handling such as security device outages, breaches, worm/virus outbreaks etc.
- Should have experience in knowledgebase development and management
- Should have deep technical experience in monitoring, troubleshooting and management of security tools and technologies such as SIEM, Firewall, Content Filtering Systems, Intrusion Detection and Prevention Systems, Antivirus, Threat Management Solutions , Data Loss Protection, Vulnerability Management Solutions, SLB/Proxy etc
- Should have experience in maintaining and managing security configurations for network devices and Servers. Experience with automated configuration and change management tools is desired.
- Should have good knowledge of various network and server platforms.
- Ability to create technical documentation related to day to day operations & deliverables of SOC
- Proficient in Incident Management and Response
- Experience in security device management and SIEM
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
- Experience in threat management,
- Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix
- Knowledge of applications, databases, middleware to address security threats against the same.
- Proficient in preparation of reports, dashboards and documentation
- Excellent communication and leadership skills
- Experience in performing vendor management
- Good Analytical skills, Problem solving and Interpersonal skills
Must be a BE-IT / B Tech /Comps. Should possess at least 2 certification in security preferably the following: