Description
Job Responsibilities:
- Lead the enterprise-wide security incident management and response.
- Review, evaluate, and enhance incident detection and response capabilities by periodic
review of tools, processes, and IR playbooks.
- Ability to handle 24 * 7 operations with a hybrid operating model (In House + MDR) to gain
the maximum efficiency and business benefits.
- Generating security metrics that align with business risks, reports, and dashboards for
management consumption.
- Lead efforts to drive automation using SOAR of incident triage and response and expand
advanced threat hunting capabilities.
- Provide functional direction and support for daily support activities.
- Develop and mentor staff through open communication, training, and development
opportunities.
- Develop strategic goals to transform the Security operations center to be ready for the
changing threat landscapes and evolving challenges.
Required Skills:
- Minimum 5 years of leading a Security team, with experience managing security incident
detection and Response program.
- Creative thinker with exceptional business, strategic, analytical, management, and
relationship management skills.
- Strong knowledge of networks, operating systems, cryptography, preventive, detective,
and offensive security solutions.
- Experience working with cloud services like Amazon Web Services, Google, and Microsoft
Azure Cloud
- Excellent understanding of information security concepts, protocols, tools, industry best
practices, and strategies.
- Focus on a business appropriate measured response, strong time management, effective
prioritization, and proper sense of urgency in day-to-day Security Operations.
- Ability to identify needs, take the initiative, and prioritize work efforts — balancing
operational tasks with longer-term strategic security efforts.
- Experience in designing, implementing, and measuring relevant security and technology
management critical success factors, key performance indicators, and metrics.
- Experience working with security detection/prevention platforms like EDR, Container
Security, Identity product, Vulnerability Management products and process, Microsoft
Security platforms, Data protection platforms, Threat/Brand Intel and Identity Intelligence,
SIEM, SOAR platforms etc.
- Experience working with industry-standard forensics tools (X-Way forensics, Encase,
Access data, SIFT, FTK)
- Excellent understanding & concept of standard audits such as PCI, SOC2, ISO27001, and
SOX.
- Security certifications such as CISSP.
Read Full Description