We are looking for a highly experienced information security professional to help leading one of the clusters of

Synergistic Security Operation Center to monitor security alerts, respond and remediate detected issues, and work

with the Incident Management process to remove threats and vulnerabilities within the organization and to assist

the SOC team in its mission to secure our customer requirements.

Roles & Responsibilities:

• Serve as an escalation point for all Threat Analysts on shift for complex/unusual alerts/cases/requests/incidents.

• Daily review of security alerts/logs with follow-up on any suspicious activity.

• Review cases escalated by Threat Analysts to investigate, respond and remediate; Ensure an effective flow of escalated cases; and Conduct quality assurance of cases.

• Mentoring associate team members and contribute in streamlining SOC operations for continuous improvement.

• To ensure an escalate flow of Incident Management System; Assist the team in developing the incident response strategy and then creating and assigning response actions to Threat Analysts as needed;

• Perform investigation of network and hosts/endpoints for malicious activity include analysis of packet captures, and assist in efforts to detect, confirm, contain, remediate, and recover from attacks.

• Proactively monitor, identify and analyze complex internal and external threats, including viruses, targeted attacks and unauthorized access, and mitigate risk to IT systems.

• Work in concert with team members, Information Security engineering, and relevant Subject Matter Experts to process, analyze and drive the remediation of identified IT related vulnerabilities Responsible to follow the IT Security Incident Response policies and tools.

• Contribute to Information Security policies, standards, and supporting documentation.

• Root cause analysis, troubleshoot complex issues with existing security and privacy protection protocols.

• Responding to inbound security monitoring alerts, emails, and inquiries from the organization.

• Providing support for Incident Response, including evidence collection, documentation, communications, and reporting.

• Maintaining and improving standard operating procedures and processes

• Responsible for onboarding the clients; both in cloud and on-prim.

Required Skills:

• Proven work experience as a Technical Support Engineer, Operation, System Admin or similar role.

• Hands on working Experience on any SIEM tool (Qradar /Alien Vault/ McAfee ESM/DNIF).

• 6 months of L3 experience is required.

• Team Management and Network Management / Operations Management.

• Good understanding of database, security products(Firewall, IDS/IPS, AV) and other tech products.

Desired Skills:

• Networking concepts

• Information security concepts

• Windows and troubleshooting and domain knowledge

• Linux and troubleshooting and domain knowledge

• Data Analysis

• Data Analytics for Security