Eventus Security - Security Operations Center Head

Designation : SOC Head

Department : Security Operations - SOC

Location : Ahmedabad, India

Experience : 10-14 Years in Security Operations Center (SOC)

Job Summary

We are seeking a highly experienced and strategic SOC Head to lead our Security Operations Center in Ahmedabad. The ideal candidate will possess a deep understanding of cybersecurity principles, incident management, threat intelligence, and security technologies. You will be responsible for leading a 24x7 SOC team, ensuring the effective monitoring, detection, and response to security incidents, and driving continuous improvement in our security posture.

Roles And Responsibilities

• Lead and manage the 24x7 SOC team, fostering a culture of innovation, accountability, and continuous improvement.
• Establish and maintain operational procedures, workflows, and service level agreements (SLAs) for the SOC.
• Provide strategic direction and guidance to the SOC team, aligning security operations with business objectives.
• Manage team performance, conduct regular performance reviews, and provide coaching and mentoring.
• Ensure adequate staffing, training, and development of SOC personnel.
• Manage budgets and resources for the SOC.
• Develop and implement incident response plans and procedures.
• Lead incident response efforts, ensuring timely and effective containment, eradication, and recovery.
• Conduct post-incident analysis and reporting, identifying lessons learned and implementing corrective actions.
• Ensure accurate and timely incident reporting and communication to stakeholders.
• Proficient in Incident Management and Response.
• Oversee the continuous monitoring of security events and alerts using SIEM (ArcSight) and other security tools.
• Perform threat management, threat modeling, and threat intelligence analysis.
• Develop and implement use cases for security monitoring and detection.
• Identify and analyze threat vectors and develop mitigation strategies.
• Responsible for integration of standard and non-standard logs in SIEM.
• Experience in threat management.
• Manage and maintain security devices, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security solutions.
• Ensure the effective configuration and operation of SIEM (ArcSight) for log collection, correlation, and analysis.
• Management, administration & maintenance of security devices under the purview of ITGRC which consists of state-of-the-art technologies.
• Revise and develop processes to strengthen the current Security Operations Framework.
• Review and update security policies and procedures.
• Identify and address gaps in security controls and processes.
• Highlight the challenges in managing SLAs.
• Manage relationships with security vendors and service providers.
• Evaluate and select security tools and technologies.
• Monitor vendor performance and ensure adherence to SLAs.
• Experience in performing vendor management.
• Create and present reports, dashboards, and metrics for SOC operations to senior management.
• Provide regular updates on security incidents, threats, and vulnerabilities.
• Communicate effectively with stakeholders, including IT, business units, and external partners.
• Excellent communication and leadership skills.
  
  

Skills And Qualifications

• In-depth knowledge of security concepts, cyber-attacks, techniques, threat vectors, risk management, and incident management.
• Strong analytical, problem-solving, and interpersonal skills.
• Ability to handle high-pressure situations and manage critical incidents.
• Good Analytical skills, Problem-solving and Interpersonal skills.
• Ability to handle high-pressure situations with key stakeholders.
• Experience in security device management and SIEM (ArcSight)
• Monitoring, detection, incident response, and automation to proactively support ongoing security operations in an enterprise environment.
• Bachelor's Degree in Engineering (BE), Information Technology (IT) Engineering, Master of Computer Applications (MCA), or Master of Technology (M.Tech).
• Certified Ethical Hacker (CEH) certification required.
• Certified Information Systems Security Professional (CISSP) certification required.
• Additional security certifications (e.g., SANS GIAC, CISM, CISA) are highly advantageous.
  
  

(ref:hirist.tech)