- Automate SOC monitoring and resolution for incidents reported.
- Fine-tune the SIEM platform and develop use cases to address emerging threats.
- Coordinate with the MSSP partner on key initiatives, provide requirements, and support delivery of projects.
- Deploy robust incident response, forensics, and threat intelligence processes.
- Lead the delivery of incident management system enhancements and modifications.
- Drive process improvements, helping to identify opportunities for positive change and improving the SOC's overall detection and response capabilities.
2. Threat Intelligence & Hunting
- Gather threat intelligence from the industry and discern the applicable threats for our landscape.
- Investigate network systems or endpoints to identify threat patterns or indicators of compromise, and analyse the threat.
- Coordinate with the IT and Plant IT team to resolve the cyber threats and prevent the same attack from recurring.
- Analyse and detect cyber threats that affect business operations using threat intelligence.
- Monitor security patterns to identify, isolate, and detect threats before attackers exploit them.
- Plan, create, and implement security solutions for the organization.
3. Incident Response
- Lead incident response, including steps to minimize the impact, then conduct a technical and forensic investigation into how the breach happened and the extent of the damage.
- Track security incident related KPIs and metrics and assist with reporting on those metrics to senior management.
- Define and implement a technology roadmap to mitigate threats across endpoints and network.
Education / Qualifications
Bachelor's degree in information technology or a related discipline.
Experience Required
- Overall 10+ years of relevant IT / Cyber Security experience.
- Minimum 5+ years of technology experience in a SOC, including SIEM, Endpoint Detection & Response, Network Detection & Response, IDP and IDS, Email Security, SOC Operations and Incident Management.
- Demonstrated proficiency with the IT Security Common Body of Knowledge required for enabling security concepts on varied technology.
Key Skills and Knowledge
- Expertise and demonstrated experience in SOC incident management, SIEM, endpoint security (EDR, antivirus, etc.), and network security (firewalls, proxy, etc.).
- Communicate effectively in writing, as appropriate for the needs of the audience.
- Stay abreast of security vulnerabilities and continually keep up to date on the latest security best practices and technologies.
- Good exposure to threat intelligence.
- Strong knowledge of cryptography as it relates to computer and network security, as well as file and email encryption, is required.
- Strong, demonstrated project management skills.
- A self-starter who works with limited supervision and is able to work effectively in a global, diverse environment.
- Review security requirements and draft threat models.
- Maintain knowledge of cyber security threats and risks, and constantly monitor and evolve the system security posture to mitigate