Eventus Security - Security Operations Center Head

Location

Ahmedabad, Gujarat, India

JobType

full-time

About the job

About the role

Designation: SOC Head

Department: Security Operations - SOC

Location: Ahmedabad, India

Experience: 10-14 years in a Security Operations Center (SOC)

Job Summary

We are seeking a highly experienced and strategic SOC Head to lead our Security Operations Center in Ahmedabad. The ideal candidate will possess a deep understanding of cybersecurity principles, incident management, threat intelligence, and security technologies. You will be responsible for leading a 24x7 SOC team, ensuring the effective monitoring, detection, and response to security incidents, and driving continuous improvement in our security posture.

Roles And Responsibilities

  • Lead and manage the 24x7 SOC team, fostering a culture of innovation, accountability, and continuous improvement.
  • Establish and maintain operational procedures, workflows, and service level agreements (SLAs) for the SOC.
  • Provide strategic direction and guidance to the SOC team, aligning security operations with business objectives.
  • Manage team performance, conduct regular performance reviews, and provide coaching and mentoring.
  • Ensure adequate staffing, training, and development of SOC personnel.
  • Manage budgets and resources for the SOC.
  • Develop and implement incident response plans and procedures.
  • Lead incident response efforts, ensuring timely and effective containment, eradication, and recovery.
  • Conduct post-incident analysis and reporting, identifying lessons learned and implementing corrective actions.
  • Ensure accurate and timely incident reporting and communication to stakeholders.
  • Be proficient in incident management and response.
  • Oversee the continuous monitoring of security events and alerts using SIEM (ArcSight) and other security tools.
  • Perform threat management, threat modeling, and threat intelligence analysis.
  • Develop and implement use cases for security monitoring and detection.
  • Identify and analyze threat vectors and develop mitigation strategies.
  • Responsible for integration of standard and non-standard logs in SIEM.
  • Bring hands-on experience in threat management.
  • Manage and maintain security devices, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint security solutions.
  • Ensure the effective configuration and operation of SIEM (ArcSight) for log collection, correlation, and analysis.
  • Manage, administer and maintain the security devices under the purview of ITGRC, which consist of state-of-the-art technologies.
  • Revise and develop processes to strengthen the current Security Operations Framework.
  • Review and update security policies and procedures.
  • Identify and address gaps in security controls and processes.
  • Highlight the challenges in managing SLAs.
  • Manage relationships with security vendors and service providers.
  • Evaluate and select security tools and technologies.
  • Monitor vendor performance and ensure adherence to SLAs.
  • Bring experience in performing vendor management.
  • Create and present reports, dashboards, and metrics for SOC operations to senior management.
  • Provide regular updates on security incidents, threats, and vulnerabilities.
  • Communicate effectively with stakeholders, including IT, business units, and external partners.
  • Demonstrate excellent communication and leadership skills.

Skills And Qualifications

  • In-depth knowledge of security concepts, cyber-attacks, techniques, threat vectors, risk management, and incident management.
  • Strong analytical, problem-solving, and interpersonal skills.
  • Ability to handle high-pressure situations and manage critical incidents.
  • Good analytical, problem-solving and interpersonal skills.
  • Ability to handle high-pressure situations with key stakeholders.
  • Experience in security device management and SIEM (ArcSight).
  • Experience in monitoring, detection, incident response, and automation to proactively support ongoing security operations in an enterprise environment.
  • Bachelor's Degree in Engineering (BE), Information Technology (IT) Engineering, Master of Computer Applications (MCA), or Master of Technology (M.Tech).
  • Certified Ethical Hacker (CEH) certification required.
  • Certified Information Systems Security Professional (CISSP) certification required.
  • Additional security certifications (e.g., SANS GIAC, CISM, CISA) are highly advantageous.

(ref:hirist.tech)

Skills

SIEM, business objectives, incident response, interpersonal skills, Service Level Agreements