Description
- Maintaining, developing, and tuning all SOC policies and operational procedures.
- Regularly review the processes and procedures followed by the SOC team and propose changes where there is scope for improvement.
- Reporting on and ensuring that the SOC is fully compliant with the defined process and its operational SLAs.
- Measures SOC performance metrics and communicates the value of security operations to leaders.
- Maintaining SOC team availability 24x7x365.
- Quality Review of all SOC reports.
- Supervises and reviews the operations and activities carried out by the SOC team.
- Manages the escalation process and reviews incident reports.
- Regularly monitor and review the incident and case records.
- Regularly track the timeline compliance of the SOC activities.
- Take measures to carry out SOC activities in an effective and efficient manner.
- Develop and evaluate metrics to measure the performance of the SOC team.
- Coordinate with external teams during incident management.
- Submit an incident drill summary report to management and propose changes in the process if necessary.
- Analyze and report organizational security posture trends.
- Analyze and report system security posture trends.
- Conduct and/or support authorized penetration testing/vulnerability assessment on enterprise network assets.
Requirements
- Holds a Bachelor's degree in Engineering or a relevant major from a reputable university.
- Minimum 8 years of professional IT experience.
- Hold at least one of the following SANS certifications:
  - GIAC Certified Incident Handler (GCIH)
  - GIAC Certified Intrusion Analyst (GCIA)
- Proven experience in security device management and SIEM.
- Fluency in English is a must.
- Excellent communication and decision-making skills.
Job Type: Full-time