Security Operations Center Lead - Patch Management (8-10 yrs)
INFOSEC VENTURES
posted 4d ago
Fixed timing
Overview.
- The SOC Lead (L3) is responsible for managing and supporting a range of cybersecurity functions, including SentinelOne, Zscaler, VAPT governance, and firewall/VPN access management.
- This role demands strong analytical and operational skills to monitor, troubleshoot, and optimize cybersecurity tools and processes.
- The ideal candidate will ensure adherence to policies, resolve security incidents, support operations, and drive governance activities with effective reporting and communication.
- This is a crucial and strategic role for this new startup (CyberForceHQ) funded by Infosec Ventures.
- Please apply only if you currently reside in Pune.
- You will be working with one of our prestigious clients in Pune.
- This is an ON-SITE job.
Note: The payroll would be through the service provider company (CyberForceHQ).
Key Responsibilities:
EDR Operations Support:
- Manage agent upgrades, ensure agent health, and troubleshoot offline/online status.
- Monitor scanning and threat management statuses and take appropriate actions.
- Handle STAR rule management and network health troubleshooting.
- Oversee policy enforcement, policy pushes, and platform updates.
- Conduct device inventory management and verify backup status for compliance.
- Provide detailed reporting on operational activities and escalate exceptions as needed.
- Coordinate with stakeholders to address support issues and implement improvements.
Zscaler Operations Support:
- Collaborate with vendors to ensure smooth delivery and operations.
- Manage agent upgrades and ensure policies are updated and enforced.
- Coordinate support activities, address exceptions, and escalate critical incidents.
- Analyze dashboards to recommend actions and mitigate potential risks.
- Monitor alerts and incidents, reporting progress to relevant stakeholders.
Vulnerability Assessment and Penetration Testing (VAPT) Governance:
- Consolidate and classify VAPT requirements from stakeholders based on business criticality.
- Facilitate scoping discussions with VAPT partners and internal teams.
- Ensure comprehensive documentation of testing scope, objectives, and exclusions.
- Ensure the partner completes VAPT on time.
- Review and approve VAPT scopes, track timelines, and monitor adherence to SLAs.
- Validate final VAPT reports and ensure findings are distributed for remediation.
- Track open findings and ensure timely closure within agreed timelines.
- Maintain and present governance dashboards to highlight progress and risks.
- Organize follow-up testing for resolved findings and archive VAPT evidence for audits.
Firewall and VPN Access Management:
- Review and validate firewall access requests for necessity and alignment with security policies.
- Maintain an updated inventory of firewall rules and VPN access lists.
- Conduct periodic reviews to remove unused or unnecessary rules.
- Analyze the impact of firewall changes on configurations and ensure compliance with segmentation and least privilege principles.
- Facilitate discussions between application owners and network teams to clarify access requirements.
- Audit access controls and rule sets for compliance with organizational and regulatory standards.
- Track and close non-compliant configurations and document exceptions.
- Monitor firewall and VPN logs for anomalies and suspicious activities.
- Enforce MFA policies for VPN users and ensure firewall and VPN configurations are updated based on emerging threats.
- Organize governance meetings and maintain dashboards to track firewall and VPN security metrics.
Incident Response and Continuous Improvement:
- Establish and manage incident response processes for firewall and VPN-related security events.
- Monitor vendor patches and firmware updates for firewalls and VPN devices.
- Continuously refine processes based on lessons learned and feedback to improve efficiency.
Qualifications:
- Bachelor's degree in Information Technology, Cybersecurity, or a related field.
- 8+ years of experience in cybersecurity operations, endpoint management, or network security.
- Hands-on experience with SentinelOne and Zscaler.
- Working knowledge of firewalls, networks, and the VAPT process.
- Proficiency in reporting tools, including Excel and Power BI, for creating dashboards and actionable reports.
- Strong analytical skills to interpret data, identify trends, and recommend solutions.
Skills and Competencies:
- Advanced troubleshooting and problem-solving skills for endpoint and network security.
- Strong organizational skills to manage multiple tasks and priorities.
- Excellent communication skills to collaborate with internal teams and external vendors.
- Familiarity with regulatory frameworks like ISO 27001, NIST, or CIS controls.
Functional Areas: Other