Job Description

Job summary: The role is part of our Global SOC team, tasked to deliver Managed Security Services (MSS) and help customers achieve its business goals & objectives by re-imagining cybersecurity as one Job summary: The role is part of our Global SOC team, tasked to deliver Managed Security Services (MSS) and help customers achieve its business goals & objectives by re-imagining cybersecurity as one of its business enabler. It is great opportunity to put your past experiences in building a world class SOC and address cybersecurity challenges of our global customers. We are looking for highly experienced cyber security professional, to lead a team of security analysts and ensure seamless service delivery of GSOC services. It provides exposure to wide variety of security technologies and provides opportunity for the candidate to pioneer in developing SOC. Job Responsibilities: . Responsible for managing day-day security operations and point of contact for all GSOC operational escalations from customers and internal teams, thereby act like incident manager to resolve the escalation/incident by coordinating with customer and relevant stakeholders. . Manage customers' expectations, by participating in periodic GSOC review calls with them and assist to understand GSOC findings, and advocate recommendations to minimize its cybersecurity risks. . Understand customer requirements on its threat detection use case and ensure it is developed, tested and implemented. . Continuously monitor GSOC service delivery and take the accountability to ensure the services are delivered as per agreed SLAs. . Closely monitor GSOC process and take the accountability to develop it into a mature process to enable seamless service delivery, and to meet ISO 27001 standard requirements . Review 3rd party threat intel feeds and integrate them into MSS platforms to provide value to our customers. . Closely monitor GSOC tools and actively provide recommendations to the management on items not limited to automation, new technology integration etc., which can result in an improved SecOps and Customer Success. . Manage team of analysts from an operational & people management perspective and ensure the different tiers of support is available 24x7, and are continuously motivated to deliver GSOC services. . Develop, monitor, and measure team KPIs, in line with organizations goal and also contribute to personal development which should include a clear developmental path for the analysts to enable them to handle daily tasks. . Enable regional security analysts to deliver seamless support locally by developing SOC playbooks, relevant and sufficient knowledge base. . Lead regional security analysts in handling incidents, customer escalations and requests, SLA requirements. . Actively research and stay updated with latest and new cyberattacks, TTPs, threat attackers, vulnerabilities, and work with team to perform proactive threat hunting in customer environments. . Strong understanding of MITRE ATT&CK framework, and ability to operationalize it for day-day SecOps activities, to develop tactics, techniques, procedures (TTPs) for security analysis and threat hunting. Qualifications: . Bachelor's Degree in Computer Engineering, Computer Science, Cyber Security, Information Security, or other equivalents. . Candidate should have at least 10 years of working experience in SOC and MSS environments, with at least 3 years of management experience. . Excellent hands-on experience in implementations, incident analysis of IBM QRadar, Azure Sentinel SIEM technologies. . Hands on experience on any Endpoint Protection (EPP) or Endpoint Detection Response (EDR) technologies. Preferred if CrowdStrike, Microsoft Defender. . Experience in malware analysis for Windows and Linux/Mac. . Hands on experience on SOAR technologies. . Exposure to firewall technologies such as Cisco, Palo Alto, Checkpoint, Fortinet. . Good understanding of WIN, LINUX environments and well versed with basic LINUX commands and troubleshooting, with a proven Unix (Solaris, Linux, BSD) experience. . Knowledge on any shell scripting language, and to apply them to automate mundane operations tasks. . Candidate should have at least one SANS certification, preferred if that is GCIH. Also having CISSP, CISM will be advantageous. . Good understanding of basic network concepts and advantage if exposure to cloud technologies. . Lateral thinking combined with excellent troubleshooting skills, preferably with experience following ITIL standards . Excellent English communication skills (verbal and written) combined with professional telephone manner. By submitting your application, you would have deemed to have given consent and have read through the DP notice for Job Applicants here: https://ap.logicalis.com/sites/default/files/2022-10/PIMS-A7.3-01%20Attachment%20I%20DP%20Notice%20for%20Job%20Applicants_updated9sept22.pdf