Remote - SOC Lead Manager - MDR (SOC) at Remote, Remote, USA
Email: [email protected]
Position: SOC Lead Manager - MDR (SOC)
Start date: ASAP
Location: REMOTE

Key Responsibilities
- Represent the SOC findings in customer calls, highlight the value added by the SOC, understand any gaps raised by the customer, and work towards fixing them.
- Distinguish incidents from non-incidents, so as to i) hold meaningful, intelligent conversations with customers and ii) lead the team in the right direction.
- Steer the team of Analysts and Sr. Analysts on Incident Handling (Detection, Analysis, Triage, and Response) processes. Also guide the team on client processes so that the team consistently meets the 99% SLA requirements on notification, investigation, response, and remediation.
- Coordinate with Account Management (customer relationship management team) to set healthy client expectations and improve SOC deliverables.
- Ensure all threats in the customer environment are detected and notified in a timely manner.
- Ensure customer deliverables are provided as per the agreed service level agreements. Operating procedures are documented and change requests are tracked/approved.
- Understand customer requirements and translate them into service outputs.
- Ensure that the incident analysis runbooks, incident response runbooks and standard operating procedures are built, maintained, and kept in line with best practices and customer expectations.
- Keep track of scope and scope deviations, and of scheduled and ad hoc deliverables.
- Work with the platform administration team to ensure integration of new devices and the health of the monitoring infrastructure.
- Working knowledge of:
  o operating systems
  o network technologies (firewall, proxy, DNS, NetFlow)
  o Active Directory
  o network communications and routing protocols (e.g., TCP, UDP, ICMP, BGP, MPLS, etc.)
  o common internet applications and standards (e.g., SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.)
- Identify gaps and proactively fix what is committed vs. delivered:
  o Monitoring of in-scope log sources is crucial to SOC operations. The SOC Lead should ensure governance and validity of in-scope/out-of-scope log sources.
  o Ensure that each log source has use cases and hunting models, and that no threat detection aspect is missed.
  o Gap analysis based on customer domain, business applications, technology deployed, etc.
- SPOC: response to client problems/requirements:
  o First response to customer queries and complete ownership until the query is addressed.
  o Log source integration/decommissioning, etc.
  o Coordinating with other internal units within Atos for timely response to the client.
- Show the value/benefits of the delivery (MDR) during Periodic Service Review (PSR) meetings:
  o Timely closure of operational tasks.
  o Articulate SOC value add, proactive threat detection, new feature releases, etc. in PSR meetings.

The candidates should have:
- Strong analytical and technical skills in computer network defence operations.
- Prior experience investigating security events and leading a team.
- Good understanding of SIEM and SOC concepts and operations.
- Clear technical and operational understanding of the areas worked in.
- Good verbal and written communication skills.

Qualification:
- Engineering graduate, preferably B.E./B.Tech in I.T. or Computer Engineering.
- Certifications: CISSP, CISA, CCNA, CEH.

Work Schedule: General Shifts
Fri Sep 20 20:09:00 UTC 2024