Security Operations Center Architect (7-10 yrs)
T D Newton & Associates
posted 22hr ago
Flexible timing
Role: SOC Architect
Experience: 7-10 yrs
Job Location: Pune
Job Description :
- 8+ years of experience in a SOC environment.
- Strong communication and collaboration skills.
- Ability to work in a fast-paced environment with strict deadlines.
- Strong prioritization and an ability to handle multi-tasking situations.
- A positive and enthusiastic attitude to investigate and find solutions to security problems.
- Hands-on experience in the operation of security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, vulnerability management, etc.
Technical working knowledge of security systems including :
- Network and application firewall reviews and approvals.
Advantageous (not essential) :
- Cloud Secrets Management (Cloud Vaults / Key Management & Rotation / MFA / Passwords).
- Scripting tools such as Python, etc.
- API Security
To be successful in this role, we're seeking the following :
- Cloud Security - have strong security experience of MS Azure Infrastructure
- Incident Response - be able to respond to and investigate complex alerts triaged from the MSSP SOC as well as the on-prem SIEM, as they will be on call
- Identity Access Management - have strong experience in performing identity access management investigations.
- Vulnerability Management - have strong experience of vulnerability management investigations to ensure that all vulnerabilities have been remediated within the SLA.
- Excellent written and verbal communication - to ensure the candidate is able to articulate what happened in the investigation and the remediation, as well as speak to senior stakeholders.
- Developing a familiarity with new tools and best practices for security operations.
- Defining, implementing and maintaining operational security processes.
- Reviewing and maturing the Identity and Access Management process in line with industry best practice.
- Reviewing incoming SOC requests/incidents.
- Assisting in the investigation of SIEM alarms reported by the MSSP, and performing on-call duty once a month.
- Assisting in the operational support for the SIEM MSSP
- Helping to develop and fully document new SIEM use cases including how to respond to alarms
- Performing Cloud Security operations related checks
- Developing and maintaining operational Security KRIs/KPIs
- Maintaining technical documentation of operational security controls.
- Providing 1st/2nd line security incident response capabilities within the Insight SOC.
Certification : CISSP (Good to have)
Functional Areas: Other