Team Lead-SOC, Noida
AALUCKS Talent Pro

Position: Team Lead-SOC, Noida
Department: Information Technology | Role: Full-time | Experience: 7 to 12 Years | Number of Positions: 1 | Location: Noida
Skillset:
SOC Lead, Team Lead, Threat monitoring, Cyber Security, Forensics Services, Audit Trails, SIEM, ITSM Tools, Excellent English communication skills
Job Description:
We are seeking a SOC Lead to support threat monitoring, detection, event analysis, incident response/reporting, brand monitoring, forensics and threat hunting activities for our SOC, which is a 24/7 environment. The individual must be able to rapidly respond to security incidents and should have at least 7 years of relevant experience in cyber security incident response. They should have a deep understanding of, and some hands-on experience with, enterprise IT infrastructure components such as advanced firewalls, IPS/IDS/WIPS/HIPS, routers/switches, TACACS, VPN, proxy, AV/EDR, DNS, DHCP, multi-factor authentication, virtualization, email systems/security, web proxy, DLP etc., along with cloud environments such as AWS (must) and Azure.
Responsibilities:
• Should be able to manage a SOC L1/L2 team
• Providing incident response/investigation and remediation support for escalated security alerts/incidents
• Work with various stakeholders for communicating and remediating the cyber incidents
• Use emerging threat intelligence (IOCs, IOAs, etc.) to identify affected systems and the scope of an attack, and perform threat hunting across end users' systems and AWS infrastructure
• Provide support for complex computer/network exploitation and defense techniques, including deterring, identifying and investigating computer, application and network intrusions
• Provide technical support for forensics services, including evidence capture, computer forensic analysis and data recovery, in support of computer crime investigations
• Should be able to safeguard and maintain custody of audit trails in case of any security incident
• Research and maintain proficiency in open and closed source computer exploitation tools, attack techniques, procedures and trends
• Perform research into emerging threat sources and develop threat profiles; keep up to date on the latest cyber security threats
• Demonstrate strong analytical ability and attention to detail, with a broad understanding of all stages of incident response
• Perform comprehensive computer monitoring, vulnerability identification, target mapping and profiling
• Sound understanding of SIEM (Splunk, Datadog, ArcSight etc.), PIM/PAM, EDR, the O365 security suite and other threat detection platforms and incident response tools
• Knowledge of integrating security solutions with the SIEM tool and creating use cases according to best practices and customized requirements
• Knowledge of working with ITSM tools such as JIRA, ServiceNow etc.
• Logical, disciplined and analytical approach to problem solving
• Knowledge of the current threat landscape, such as APTs
• Basic knowledge of Data Loss Prevention monitoring
• Basic knowledge of audit requirements (SOC 2, HIPAA, ISO 27001, etc.)
• Flexibility to work in a 24/7 environment
Preferred qualifications:
Security Certifications Preferred (but not limited to): CISSP, CHFI, CEH
Additional Information:
• This is a 5-day work-from-office role (no hybrid/remote options available).
• There are 2-3 rounds in the interview process.
• The final round will be face-to-face only (strictly).
Required Qualification:
Bachelor of Engineering - Bachelor of Technology (B.E./B.Tech.) - IT/CS/E&CE/MCA
With a Top Pharmacovigilance IT Products MNC