Job Description
- 6-10 years of experience in operational IT or other security roles, with at least 2 years in a similar SOC-related role.
- Deep familiarity with one or more SIEM tools, as well as SOAR where possible.
- Strong understanding of technical IT concepts, including Microsoft Active Directory, networking, Windows and Linux operating systems, and preferably macOS.
- Proficiency in command-line interfaces and scripting languages.
- Familiarity with vulnerability scanning, penetration testing tools, and techniques.
- Good understanding of technical security products such as firewalls, anti-virus, web proxies, SIEM, IDS/IPS, WAF, DLP, and EDR, including their roles, benefits/downsides, and standard use cases.
- Preferred Skills:
- Experience in threat intelligence analysis.
- Certifications such as CISSP, CISM, CompTIA Security+, or GIAC.
- Knowledge of cloud security concepts and technologies.
Job Responsibilities
- Security Monitoring and Incident Response: Drive the creation and refinement of security monitoring rules, techniques, and procedures, particularly automating incident response playbooks.
- Investigate and resolve escalated security incidents, both independently and while leading a team of security analysts.
- Operational Roles Rotation: Take part in operational roles rotation, covering vulnerability management, SIEM tuning & content, security control administration, threat hunting, and escalation analysis, ensuring the effectiveness of our security operations.
- Project Leadership: Lead internal projects to improve the effectiveness of the SOC, such as comparing competing tools or technologies, redesigning existing security controls and processes, and assessing the impact of changes to our IT environment.
- Team Escalation Point: Provide an escalation point for other team members during incident response and project work, offering training and development where necessary.
Location
Bengaluru, Karnataka, India