Support Security Operations Center (SOC) as a shift lead, performing threat based detailed investigations, recommending incident detection methodologies, and providing expert support to incident response and monitoring functions.
Be a technical and thought leader in driving KPI metrics, automation, analytics, and operational efficiencies.
Provide recommendations to improve security postures or reduce security risk and assist in identifying opportunities for automation to save manual efforts.
Ensure fullest quality of SOC service delivery, and help in maturing incident response actions, policies, procedures including process improvements.
Act as escalation point for all advanced security incident escalations from L1 SOC analysts and responsible for all SOC activities or BAU happening in a shift (24/7 support).
Perform review, enhance run books, operating procedures and playbooks, assign and prioritize tasks/incidents to SOC L1 team members.
Manage incidents in pipeline including escalation of outstanding incidents, incidents requiring updates, and escalation of open incidents where necessary.
Responsible for meeting SLA and leading SOC shift handover calls. Provide continuous improvement and on job training for L1 SOC analysts.
Expert in analyzing logs from network devices, applications, infra services, platforms, security products and endpoint data using SIEM and various security technologies.
Manage security event or incident investigations, and anchor/handle incidents by following industry well known incident detection, response frameworks like NIST, MITRE, etc.
