Dear Consultant,
We are hiring Security Operations Center-Manager, 9-14Yrs, 7-10LPA, Noida. Job Code: 3UDOMIJUBILIANT/MGR.SeqOP914Y710LN/24120
Job Details
Job Specifications
Manager-Security Operations Center
Location : Noida
Exp. 9.0 - 14.0 Year(s)
Qualification Technical Graduate/Post Praduate
About Co :India's largest food service Company
Position Title: SOC Manager
Reports to: GM-IT Department: IT
Division: Infrastructure
JOB CONTEXT AND KEY ACCOUNTABILITIES:
· Set up and manage Security Operations Centre's Technology, People, Process and Governance.
· Ensure that all servers, key applications, networking devices, security devices are integrated to SOC.
· Ensure that all attacks on JFL information system are detected and managed.
· Encourage relationship with SOC team and internal departments to ensure monitoring, smooth incident response
and compliance.
· Lead and mange security incidents from identification through remediation.
· Ensure that Generic, QSR/Retail specific and JFL customized use cases are created, implemented and managed.
· Ensure that logs from devices are collected/stored and persevered as per forensic investigation requirements.
· Build SOC governance and share timely reports to Departments /CISO /CTO /CFO
· Manage SOC team, efforts, mapping of team vs efforts, monitor security events, manage incidents effectively with
available resources and provide first and final escalation analysis.
· Professional Communication, including executive level, and documentation of metrics, SLAs and procedures.
2. QUALIFICATIONS, EXPERIENCE & SKILLS:
· Experience building and maintaining a high-performance team of analysts
· Expertise with industry standard frameworks like NIST, ISO 27001, PCI-DSS
· Familiarity with ITIL and Agile framework / methodologies
· Experience maintaining SOC metrics and SLAs.
· Strong knowledge of incident management, problem management and change management best practices
· A high-level understanding of multi-tiered applications, load balancing and firewalls
· Understanding of private, public, and hybrid cloud operations
· Knowledge of network security, intrusion prevention system, System information and event
management (SIEM), integrating servers/ devices/ application with SIEM, co-relation rules creation,
host based investigate.
· Knowledge of WAF, FIM and Vulnerability assessments.
· Knowledge of forensics investigation- network forensics, host-based forensics, chain of custody evidence, log reviews, basic malware assessments, threat intelligence.
· 10+ years of Information Security / Cybersecurity experience
· 4+ years working in a security operations center
Certification Required
· Industry certifications such as CEH/CISSP, CISA/CISM
· Technology vendor certifications (Cisco/CheckPoint/RSA, etc.)
· Industry standard frameworks (ITIL/ISO/NIST/PCI-DSS)
Sourcing Guidelines
Please (MUST) share answer of the following Questions in the First Page of the Resume
Without these info we will not process CV for HR Review?
Ques: What Policies / Procedures would you set up as a SOC manager to run it efficiently?
Ques: Do you know how to build business specific use cases?
Ques: is WAF Product integrated to SIEM?
Ques: Can you create custom connectors?
Ques: How long you have been working in SOC ? Security Operations center
Ques: Expertise in which SIEM Solution?
Ques: What is the difference between generic Vs Industry Specific Vs Business Specific use cases?
Ques: is Vulnerability Management Product integrated to WAF?
Ques: What should be an incident management process? Explain it using a case of HRMS application seems compromised.
Ques: What devices you will need and how will you build a rule that detects and alters that a system is compromised and data is being hacked through network.
Ques: Familiarity with ITIL and Agile framework / methodologies
Ques: How would you measure manpower efficiency?
Ques: Do you have the skillset to integrate servers/applications/devices to the SOC?
Ques: Why do you need to interact with internal departments as an SOC manager?
Ques: How would you optimize the cost of SOC?
Ques: Expertise with industry-standard frameworks like NIST, ISO 27001, PCI-DSS
Ques: Were you involved in setting up of any SOC?
Ques: What is Chain of Custody? Why it is important? How do you take logs of memory / running processes of compromised servers?
Ques: What should be the hybrid SOC KPIs for CEO?
|
0 Comments