Allscripts (India) LLP, ultimately a subsidiary of Altera Dig...
Location
Work from home | India
Job description
Veradigm is seeking an experienced security operations or incident response professional to lead our 24/7 Security Operations Center and monitoring team
The successful candidate will lead a specialized team in monitoring, detecting, and responding to cybersecurity threats, utilizing tools like Splunk, Sentinel, and EDR in public and private cloud environments
This role involves strategic oversight of Tier 1 SOC operations, ensuring the development and implementation of effective security procedures and practices
The manager will be responsible for providing leadership and mentorship to the team, fostering a culture of continuous improvement and professional growth
They will also play a crucial role in incident response, leveraging their expertise to address security incidents quickly and efficiently
Additionally, the SOC Manager will collaborate with senior management and other departments to align the SOC's activities with the broader organizational cybersecurity strategy
Responsibilities
Lead and manage the SOC team, including hiring, training, and performance management.
Develop and maintain a high-performing team through effective leadership and mentoring.
Oversee the monitoring, detection, analysis, and response to security incidents using tools which include, but are not limited to: Endpoint Detection and Response (EDR), IDS/IPS, firewalls, Active Directory, Windows Event Logs, and vulnerability management solutions.
Ensure continuous improvement and development of SOC processes and procedures, with a focus on leveraging advanced tools and technologies.
Lead and coordinate incident response activities, utilizing expertise in EDR and SIEM technologies like Splunk and Sentinel.
Provide regular metrics and reports on SOC activities and incident response efforts to senior management.
Ensure clear and effective communication within the team and with other departments.
Contribute to the development and execution of the overall cybersecurity strategy, with a focus on optimizing security tooling for the SOC workflow.
Stay abreast of emerging security threats and technologies; and recommend enhancements to SOC capabilities.
Qualifications (an ideal candidate will have):
Bachelor's degree in Computer Science, Information Security, or a related field.
Minimum of 5 years of experience in information security, with at least 3 years in a SOC leadership or senior incident response role.
Strong knowledge of information security principles, including experience with incident response, threat hunting, and security monitoring.
Expertise in security technologies such as Splunk, Microsoft Sentinel, and EDR solutions including a proficiency with SPL and KQL.
Knowledge and experience performing incident response within public cloud platforms such as AWS and Microsoft Azure.
Excellent leadership and communication skills.
Maintains industry certifications, including, but not limited to GIAC Security Operations Manager (GSOM), GIAC Certified Incident Handler (GCIH), GIAC Certified Detection Analyst (GCDA), GIAC Certified Intrusion Analyst (GCIA), EC-Council Certified Incident Handler (ECIH) or other relevant certifications.