Roles & Responsibilities
• Act as a fulcrum between the security operation of the company and vendor to govern the security operations
• Correlate, investigate, Analyze, and remediate both exposed and obscure threats to ensure that the vendor deliverables are appropriate
• Oversee development of content for a complex and growing SIEM SOC infrastructure. This includes use cases for Dashboards, Active Channels, Reports, Rules, Filters, Trends, and Active Lists to meet customer requirements.
• Ensure that Tier 1 real-time monitoring and reporting of IPS/IDS systems, including correlating data from IDS, IPS, Firewalls, Servers and application systems are delivered by the SOC service provider
• Produce reports identifying significant or suspicious security events.
• Analyzing the raw packet for basic protocol, source, destination and function to locate and identify threats when required
• Identifying the current vulnerabilities, affected platforms, and possible impact of them and taking action as per the Threat analysis process.
• Checking running ESM, Logger and connectors health and database statistic. Generating daily reports for internal Infra.
• Configuration & Change Monitoring
• Conduct reviews for closures of vulnerability assessment scans performed on IT assets of business processes during internal/external audits.
• Ensure to collect digital evidences of security violations, evidences should not be tampered and identify root cause of security incidents
• Privilege access reviews need to be carried out on business process domain as per internal audit calendar and track till closers for the identified gaps
• Prepare daily/weekly/monthly reports and dashboard for security operation and reviews conducted.
• Periodic evaluation of new technologies on security products are carried out to recommend prevention of latest threats
 

C. Specialized skills / Training / Education and Experience needed to perform the job.
Education: Graduate, Preferred certifications C(EH). CISSP, CISM
Min 5-8 year of relevant experience in Information security field with fundamental knowledge on IT Infrastructure
Knowledge of SOC Monitoring tools, SIEM, File Integrity Monitoring tools, Privilege Identity Management tools, EDR, Advanced Malware protection technologies