SOC Manager

 * Responsible in monitoring SIEM solutions and a variety of other security devices found in a SOC environment (eSIEM, Behavioral Analytics tools, IDS/IPS, and security analytics platforms)

* Lead, manage day to day SOC operations and provide threat and vulnerability analysis as well as security advisory services

* Experience leveraging core security and infrastructure technologies during investigations (egfirewall logs, network security tools, malware detonation devices, proxies, IPS/IDS and so on)

* Develop/update and follow Standard Operating Procedures (SOP s) and Playbooks to handle standard and out-of-band alerts

* Responsible for integrating various log sources, integrations of on premise / on cloud assets, creation of custom use cases / test cases in SIEM solution

* Report to the Incident Response Team quickly and efficiently regarding urgent matters

* Ensure ticket queues are always within satisfactory limits and all tickets are updated as per SLA s

* Integrate and share information with internal departments and client operations teams

* Creating and maintaining documentation for security event processing

* Responsible for preparation of reports, dashboards and documentation and presenting the same to client management and in-house management

* Co-ordination with stakeholders, colleagues, client teams and to build and maintain positive working relationships

* Responsible for cross functional communication within teams, vendor / OEM management

* Responsible for Capacity planning of SOC infrastructure along with Resources planning

* Availability to work flexible hours, rotating shifts as necessary, working weekends, off hours and holidays

Skills Required: * SIEM- IBM QRADAR, Microsoft Sentinel, Splunk etc

* Excellent verbal and written communication with leadership skills

* Excellent analytical and problem-solving skills required

* Intense thirst for knowledge, innovation and automation

* Hands on exposure to Security Incident Management and Response tactics

* Hands on working knowledge on various SIEM solutions, Security appliances and solutions

* Sound knowledge on various cyber-attacks, attack patterns, attack vectors, risk management, etc