Senior Security SOC Lead
Insight Global
Ensure all threats in the customer environment are detected and reported in a timely manner.
Ensure customer deliverables are being provided as per agreed service level agreements.
Understand customer requirements and translate these into service outputs.
Keep track of scope and scope deviations, and of scheduled and ad hoc deliverables.
Work with the platform administration function to ensure integration of new devices and the health of the monitoring infrastructure.
Ensure threat scenarios and operating procedures are in line with best practices and customer expectations.
Strong analytical and technical skills in computer network defence operations
Incident Handling (Detection, Analysis, Triage)
Hunting (anomalous pattern detection and content management).
Prior experience of investigating security events.
Should be able to distinguish incidents from non-incidents.
Working knowledge of
operating systems
network technologies (firewall, proxy, DNS, Netflow)
Active Directory
Network communications and routing protocols (e.g., TCP, UDP, ICMP, BGP, MPLS, etc.)
Common internet applications and standards (e.g., SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.)
Identify Gaps and Proactively fix what is Committed vs Delivered:
Monitoring log sources as per scope is crucial to SOC operations. The SOC Lead should ensure governance and validity of in-scope/out-of-scope log sources.
Ensure that each log source has use cases and hunting models, and that no threat detection aspect is missed.
Gap analysis based on customer domain / business applications / technology deployed etc:
SPOC: Response to client problems/requirements:
First response to customer queries and complete ownership until the query is addressed.
Log source integration/decommission etc.
Coordinating with other internal units within Atos for timely response to the client.
Show value/benefits of the delivery (MDR) during MIS/QBR meetings
Timely closure of operational tasks
Articulate SOC value add, proactive threat detection, new feature releases, etc. in MIS/QBR meetings.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .