Description

SKILL SET  

  • Strong security product skills, including experience operating and supporting the following technologies:
    • Endpoint detection and response (EDR) solutions like SentinelOne, Symantec, Tanium, TrendMicro
    • Security Information and Event Management (SIEM) solutions like Splunk, ArcSight & Securonix
  • Knowledge and understanding of cloud security concepts, technologies, and best practices, including but not limited to, automation and secure containerization frameworks, directory services (e.g., Active Directory, LDAP), SSO, One-Time Passwords (OTP), encryption technologies and forensics.
  • Knowledge of and implementation experience with cloud or on-prem security technologies, architecture and best practices, including hands-on experience hardening security environments.
  • Knowledge of and implementation experience with security technologies, including but not limited to, firewall (WAF or perimeter) configuration, two-factor authentication, PKI, malware and intrusion protection and detection tools.
  • Demonstrated knowledge and understanding of information security industry trends and emerging technologies, and an ability to relate them to the company and its objectives.
  • Demonstrated experience with vulnerability and risk management, including performing security scans and risk assessments to identify potential vulnerabilities and tracking the remediation of findings to reduce risks.
  • Demonstrated experience and understanding of cybersecurity incident management and response procedures — must demonstrate ability to perform and respond well in crisis situations.
  • Demonstrated knowledge and understanding of information security standards, guidelines and frameworks such as ISO 27001/27002, NIST, COBIT or PCI.
  • Experience with maintaining compliance with regulatory and legal requirements such as GDPR, PCI.
  • Familiarity with application development life cycle models and issues, especially pertaining to security components.
  • Fluent in one or more programming or scripting languages such as Bash, PowerShell, Python, Tcl, Java, PHP, Perl, C++, and Visual Basic.
  • Authored SOC SOPs, playbooks, work instructions and/or other process documents.
  • Familiarity with Kusto Query Language (KQL) & Splunk Search Processing Language (SPL) and/or Elastic Domain Specific Language (DSL) and/or regex.
  • Good verbal and written communication skills — able to communicate security and risk implications to technical and non-technical audiences.
  • Ability to work independently, managing multiple deadlines and deliverables.
  • Self-motivated and driven, capable of handling problems until resolved within accepted time tolerances — anticipates problems and identifies long-term implications of decisions and actions.
  • Industry certifications (desirable): CISSP, CISM, CISA, CCNA-SEC, CEH/OSCP, ITIL V3 Foundation, GCIH, specific certification on SIEM, SOAR, EDR, etc.

Education

ANY GRADUATE