
Job Description: SOC (Security Operations Center) Lead

Required Expertise: Minimum 7-10 years of experience in Security Operations and Incident Response, with expertise in using SIEM tools (Sumo Logic), EDR, Email Security and Incident Response, and responsible for providing advanced technical support and incident response.

Key Responsibilities:
- Utilizing the SIEM tools (Sumo Logic, Qroc, Azure Sentinel) to monitor the security environment for potential threats and incidents.
- Analyzing and triaging security alerts generated by the SIEM, EDR and other security tools.
- Responding to security incidents, taking appropriate actions to contain, mitigate, and remediate security threats.
- Analyzing, reviewing and validating the logs from the log sources.
- Suggesting use case fine tuning and new use case creation.
- Troubleshooting SIEM issues related to log sources.
- Collaborating with other members of the SOC team, as well as internal and external stakeholders, to resolve complex security incidents.
- Keeping up to date with the latest cybersecurity threats, trends, and technologies to improve the efficiency and effectiveness of incident response.
- Documenting security incidents, responses, and related information in accordance with established procedures.
- Creating SOPs and playbooks for the SOC team for incident triage.
- Establishing KPIs, reviewing and managing security logs, and providing reports based on KPIs and metrics.
- Responding to clients' requests, concerns, and suggestions.
- Tracking SOC performance in terms of SLAs and incident quality.
- Preparing the daily, weekly and monthly reports as per the client requirements.
- Developing and providing reporting metrics to demonstrate the SOC's role and function.
- Leading the governance calls with the customer and presenting the KPI and SLA reports.

Requirements:
- Experience as a Senior Security Analyst leading a team.
- Experience with a Security Operations Center, network event analysis and/or threat analysis.
- Experience working as an Incident Responder.
- Knowledge of various security methodologies and technical security solutions.
- Experience analysing data from cybersecurity monitoring tools.
- Ability to analyse endpoint, network, and application logs.
- Knowledge of common Internet protocols and applications.
- Bachelor's degree in Computer Science, Information Technology or equivalent experience.

Certifications: CEH, CISM, CompTIA Security+, Sumo Logic, Qroc; any of these certifications is an added advantage.

Responsibilities: Incident Response, SIEM, Sumo Logic, Security Operation Center (SOC)

PUNE




Support Lead - 5.3 - India



Contact TaaS Technologies Pvt Ltd