JobNob

SOC Analyst III

USGT Digital

Location

Thiruvananthapuram | India

Job description

Role Proficiency:

Monitor cyber security alerts for our global customers in a 24x7x365 operations team under minimal supervision of Team Lead. Mentor junior members of the team as well as assist the Team Lead in supervision.

Outcomes:

  1. Mentor junior members of the team to help them learn and achieve their full potential.
  2. Respond independently to low- and medium-complexity incidents.
  3. Assist the Team Lead in supervisory activities leading to a high-performance organisation.
  4. Under the overall supervision of the Team Lead, ensure that cyber security alerts from the SIEM and multiple sources are dealt with by the entire team within SLA. Communicate and escalate as per the defined process.
  5. Train and motivate the team to follow the documented playbook.
  6. Assist the Team Lead in ensuring quality of service across the team.
  7. Review and recommend topics for inclusion or upgrade in the playbook, as well as new Use Cases or the refinement of existing ones.
  8. Adhere to defined SOC processes, including housekeeping tasks. Adhere to the Information Security policies as defined by the company and customer.

Measures of Outcomes:

  1. Innovation: case studies and value delivered to customer / Cyberproof.
  2. Team adherence to SLA as agreed with the customer.
  3. Productivity (number of alerts addressed).
  4. Quality: percentage of tickets that met quality norms.
  5. Adherence to process: nil NC (non-conformances) during audits.
  6. Evidence of skill development, including training, certification etc.

Outputs Expected:

Cyber Security Monitoring:
  1. Work in accordance with the Playbook, under supervision of the team lead, to monitor alerts in the CDC Platform / SIEM Tool etc. Ensure appropriate response in line with the SLA.
Cyber Security Incident Management:
  1. Process alerts through analysis, triage and resolution.
  2. Communication and escalation as per the defined process.
  3. Documentation, including annotation in the CDC / SIEM work log to ensure an audit trail as per defined standards and quality requirements.
  4. Reporting.
Team Player:
  1. Assist the team lead in ensuring continuous learning, as well as in delivering on innovation and optimization.
  2. Mentor junior team members where possible.
Reporting:
  1. Assist the Team Lead in generation of required reports, management information and analytics.
Other Responsibilities:
  1. Ensure that the housekeeping tasks are performed.
  2. Undertake activities, for example quality checks, reviews etc., to ensure that the team as a whole is performing to standard requirements.
  3. Stand in for the team lead when required at customer meetings etc.
  4. Assist in achieving near-zero false positives.

Skill Examples:

  1. High proficiency in the use of CDC SIEM and other relevant tools
  2. Skill to review and recommend Playbook improvements, Use Case refinements, new Use Cases, process improvements etc.
  3. Excellent logical problem-solving ability and analytical skills for incident triage and analysis
  4. Excellent oral and written communication skills.
  5. Continually learn new technology and stay updated on cyber threats. Assist and motivate team members to do likewise.
  6. Ability to work in rotating shifts and also be on-call outside of shift hours on a regular and recurring basis.
  7. Possess unimpeachable personal and professional integrity. Individuals will be required to submit to a background check.

Knowledge Examples:

Additional Comments:

Job Description:
  1. Advanced monitoring of system logs, SIEM tools and network traffic for unusual or suspicious activity.
  2. SIEM (Security Information and Event Management): setting up various SIEM solutions and troubleshooting connectivity issues.
  3. Investigate and resolve security violations by providing post-mortem analysis to illuminate the issues and possible solutions.
  4. Collate security incident and event data to produce monthly exception and management reports.
  5. Report unresolved network security exposures, misuse of resources or non-compliance situations using the defined escalation processes.
  6. Develop and maintain documentation for security systems and procedures.
  7. Recommend, schedule and/or apply fixes, security patches and any other measures required in the event of a security breach.
  8. Analysis and review of logs and cyber event alerts.
  9. Investigate suspicious security event activity, security breaches and other cyber security incidents.
  10. Assess damage; document findings and recommendations.
  11. Work with the security team to perform tests and uncover network vulnerabilities.
  12. Maintain and enforce adherence to corporate procedures, standards and policies.
  13. Maintain and update the functionality and procedures of the documentation.
  14. Keep up to date with the latest security information and threat intelligence.
  15. Research the latest information technology (IT) security trends.
  16. Validate security analysis and identify the latest capabilities of the monitoring technologies.
  17. Research and understand the currently published vulnerabilities of enterprise hardware, software, operating systems, appliances and applications.
  18. Gather and distribute technical information pertaining to new security threats and vulnerability trends.
  19. Produce reporting and documentation for customers, the internal team and management.

Experience & Qualifications Required:
  1. Experience working with different SIEM vendors such as QRadar, ArcSight, RSA and LogRhythm.
  2. Experience in incident response and in writing procedures, runbooks and playbooks.
  3. Ability to work with the customer's IT and security teams as well as at director level.
