Eventus Security - Security Operations Center Head (10-14 yrs)
Eventus Security
posted 3d ago
Designation : SOC Head
Department : Security Operations - SOC
Location : Ahmedabad, India
Experience : 10-14 Years in Security Operations Center (SOC)
Job Summary :
We are seeking a highly experienced and strategic SOC Head to lead our Security Operations Center in Ahmedabad. The ideal candidate will possess a deep understanding of cybersecurity principles, incident management, threat intelligence, and security technologies. You will be responsible for leading a 24x7 SOC team, ensuring the effective monitoring, detection, and response to security incidents, and driving continuous improvement in our security posture.
Roles and Responsibilities :
- Lead and manage the 24x7 SOC team, fostering a culture of innovation, accountability, and continuous improvement.
- Establish and maintain operational procedures, workflows, and service level agreements (SLAs) for the SOC.
- Provide strategic direction and guidance to the SOC team, aligning security operations with business objectives.
- Manage team performance, conduct regular performance reviews, and provide coaching and mentoring.
- Ensure adequate staffing, training, and development of SOC personnel.
- Manage budgets and resources for the SOC.
- Develop and implement incident response plans and procedures.
- Lead incident response efforts, ensuring timely and effective containment, eradication, and recovery.
- Conduct post-incident analysis and reporting, identifying lessons learned and implementing corrective actions.
- Ensure accurate and timely incident reporting and communication to stakeholders.
- Proficient in Incident Management and Response.
- Oversee the continuous monitoring of security events and alerts using SIEM (ArcSight) and other security tools.
- Perform threat management, threat modeling, and threat intelligence analysis.
- Develop and implement use cases for security monitoring and detection.
- Identify and analyze threat vectors and develop mitigation strategies.
- Responsible for integration of standard and non-standard logs in SIEM.
- Experience in threat management.
- Manage and maintain security devices, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security solutions.
- Ensure the effective configuration and operation of SIEM (ArcSight) for log collection, correlation, and analysis.
- Manage, administer, and maintain the security devices under the purview of ITGRC, which consist of state-of-the-art technologies.
- Revise and develop processes to strengthen the current Security Operations Framework.
- Review and update security policies and procedures.
- Identify and address gaps in security controls and processes.
- Highlight the challenges in managing SLAs.
- Manage relationships with security vendors and service providers.
- Evaluate and select security tools and technologies.
- Monitor vendor performance and ensure adherence to SLAs.
- Experience in performing vendor management.
- Create and present reports, dashboards, and metrics for SOC operations to senior management.
- Provide regular updates on security incidents, threats, and vulnerabilities.
- Communicate effectively with stakeholders, including IT, business units, and external partners.
- Excellent communication and leadership skills.
Skills and Qualifications :
- In-depth knowledge of security concepts, cyber-attacks, techniques, threat vectors, risk management, and incident management.
- Strong analytical, problem-solving, and interpersonal skills.
- Ability to handle high-pressure situations and manage critical incidents.
- Good analytical, problem-solving, and interpersonal skills.
- Ability to handle high-pressure situations with key stakeholders.
- Experience in security device management and SIEM (ArcSight).
- Monitoring, detection, incident response, and automation to proactively support ongoing security operations in an enterprise environment.
- Bachelor's Degree in Engineering (BE), Information Technology (IT) Engineering, Master of Computer Applications (MCA), or Master of Technology (M.Tech).
- Certified Ethical Hacker (CEH) certification required.
- Certified Information Systems Security Professional (CISSP) certification required.
- Additional security certifications (e.g., SANS GIAC, CISM, CISA) are highly advantageous.
Functional Areas: Other