One of India's leading process management and data analytics companies, eClerx provides critical business operations services to over fifty global Fortune 500 clients, including some of the world's leading companies across financial services, cable and telecom, retail, fashion, media and entertainment, travel and leisure, software and high-tech. With revenues of $200 million, eClerx is one of the leading innovative business process management companies.
A publicly traded company for 10+ years on India's leading stock exchanges, our 9,500 employees work globally through delivery centres in India, Thailand, Italy, and the US. We are looking to add to this talent pool a security operations command manager who will be responsible for proactively analysing and mitigating risk while managing all security aspects of the organization.
The Ideal Experience Map:
Typically requires 8+ years of combined IT and security work experience with broad exposure to systems analysis, application development and systems administration, including 4-6 years of experience designing and deploying cyber security solutions for operations at the enterprise level.
Roles and Responsibilities:
- Oversee the planning, execution, and management of cyber command centre operations
- Serve as a subject matter expert (SME) for performing security and threat assessments and preparing mitigation plans
- Manage a team of individuals and vendors who support the cyber command centre, which is built to protect data across the enterprise
- Monitor networks for signs of adversarial activity as a key member of the cybersecurity command centre
- Develop and update incident response playbooks to ensure response activities align with best practices, minimise gaps in response and provide comprehensive mitigation of threats
- Monitor, analyse, and detect security events and incidents as per the defined policies
- Manage, tune, and optimise the SIEM tool (AlienVault / LogRhythm), which includes evaluating existing rules, filters, events and use cases against business requirements
- Provide recommendations to optimise security controls such as IDS / IPS, endpoint security, vulnerability management and Symantec data loss prevention (DLP)
- End-to-end management of DLP and VAPT incidents, tasks and reporting
- Ensure strict implementation of configuration management (device hardening controls)
- Handle escalated security incidents and issues, and own the deep-dive analysis of escalated incidents, threat hunting and malware analysis
- Identify opportunities for continuous improvement in security operations
- Ensure service level agreements are met and processes are followed
Technical and Functional Knowledge:
- Experience and good knowledge of network security technologies such as firewalls, IPS/IDS, SIEM, DDoS protection, proxies, WAF, VAPT, IBM AppScan and Nessus
- Experience and good knowledge of endpoint security technologies such as anti-malware and EDR, and of data protection technologies such as DLP and data encryption
- Knowledge of networking technologies such as routers, switches and load balancers
- Experience working in dynamic SOC environments with a range of SOC tools such as AlienVault, LogRhythm, Sourcefire IPS/IDS, Cisco AMP, Digital Guardian and Proofpoint
- Experience with VA tools such as Burp Suite Pro, Nmap, Metasploit, Wireshark, OWASP ZAP, sqlmap, Aircrack-ng, Alfa external wireless cards and hping
- Good network security knowledge, including TCP/IP, Linux and Windows
People Management and Personality Traits:
- Work with the SOC manager to create new operational guidelines, processes and procedures
- Act as the last point of escalation for the SOC team, and assist with handing out work assignments to team members
- Serve as primary operational contact with the client and management in the absence of the manager
- Guide and mentor reporting managers and analysts in the investigation and mitigation of security threats and incidents
- Develop and mentor staff by providing opportunities for growth through delegation, training and assignment of various projects
- Strong team player with the ability to work in a challenging and constantly changing environment
- Strong customer focus with an understanding of client expectations
- Strong communication, writing and interpersonal skills
- Proficiency with case management and ticketing systems