
IBM Cyber Defence Center CDC Lead 
India, Maharashtra, Pune 
948344050

29.07.2024

Your Role and Responsibilities
  • Responsible for security event monitoring.
  • Establish operational foundations.
  • Perform threat management.
  • Coordinate with stakeholders.
  • Create reports and dashboards.
  • Manage the process improvement programme.
  • Provide security advisory services.
  • Assist analysts in following established protocols and supervise employees.
  • Keep your knowledge of cyber security up to date.
  • Continuously review the operations carried out by the SOC team.
  • Ensure that the SOC team is fully compliant with the defined processes.
  • Efficiently manage the escalation procedures followed by the SOC team.
  • Regularly monitor and review the incident and case records.
  • Regularly track the timeline compliance of SOC activities.
  • Take measures to carry out SOC activities in an effective and efficient manner.
  • Regularly review the processes and procedures followed by the SOC team and propose changes where there is scope for improvement.
  • Develop and evaluate metrics to measure the performance of the SOC team.
  • Provide suggestions to add or remove log sources under the monitoring scope.
  • Coordinate with external teams during incident management.
  • Ensure the development of policies, procedures and documentation.
  • Implement and maintain integrated work schedules and plans which ensure that the necessary deliverables are ready and available; oversee the daily operations of the 24x7x365 Security Operations Center.
  • Guide the L1 and L2 teams to develop and configure use cases on SOC monitoring tools.

Who you are:
Provide leadership and oversight for SOC operations and own the security incident management process.
Ensure effective operational control of the environment, developing and integrating all SOC, threat intelligence and other related processes.
Perform service delivery activities and manage client expectations.
Develop and maintain reporting metrics and mechanisms used to execute and measure SOC
What you’ll do:
As the Subject Matter Expert (SME) on cyber security, render guidance on all security incidents and threats. Proactively mitigate cyber security risks and strengthen the attack detection and response processes.
How we’ll help you grow:
You’ll have access to all the technical and management training courses you need to become the expert you want to be.
You’ll learn directly from expert developers in the field; our team leads love to mentor.

Required Technical and Professional Expertise

  • 5+ years of experience in a SOC, including 2+ years of experience as a Team Lead in a SOC.
  • In-depth knowledge of Linux-based systems.
  • Experience in security device management and SIEM.
  • In-depth knowledge of security concepts such as cyber attacks and techniques, threat vectors, risk management, incident management, etc.
  • Should have hands-on experience with Wazuh and IBM QRadar.
  • Analysis of logs in the Wazuh SIEM tool.
  • Prior experience managing Security Operations Centers/Managed Security Services.
  • Expertise in cyber security attacks, tools and techniques, and experience with advanced threat management.
  • Experience with SIEM tools, SOAR and threat intelligence platforms.
  • Knowledge of various operating system flavors, applications, databases and middleware in order to address security threats against them.
  • Experience/knowledge in forensics.
  • Professional/technical certifications (Security+, CCSE, CCSP, TICSA, MCSE, etc.) desirable.


Preferred Technical and Professional Expertise