Roles & Responsibilities:
- Have 10+ years of rich experience in the information security domain and at least 6-8 years of dedicated experience in Security Incident Response.
- Hands-on experience in implementing and operationalizing SIEM/SOAR tools such as Sentinel, ArcSight, etc.
- Experience in defining and reporting KPIs for Security Incident response.
- Familiarity with advanced SOC monitoring technologies, risk, threat and security measures.
- Knowledge across the SOC domains including governance, control frameworks, policies, compliance management, risk management and incident response etc.
- Comprehensive knowledge of regulatory and compliance requirements and how they influence the bank's Information Security strategy.
- Preferably has worked in the BFSI domain, with proven experience in the SOC function.
- Strong understanding of key security standards and regulations such as NIST 800-61, CERT/CC, PCI, ISO 27035 etc.
Skills and Application
- Leads the development and implementation of comprehensive Security Governance strategies that address identified risks and compliance requirements, incorporating advanced technologies and methodologies to enhance security posture.
- Deep understanding of Security Incident response frameworks and their application in creating robust policies.
- Automate potential resilient security processes to ensure continuous compliance with security best practices.
- Maintain up-to-date knowledge of security trends, threats, and countermeasures.
- Assess and design security posture determination processes, tools and methodologies.
- Review and approve use cases/playbooks for SIEM/SOAR tools.
- Continuously monitor security hygiene and performance using tools and processes.
- Collaborate with other IS teams, Ops and tech teams on enhancing security incident response resilience.
Other
- Knowledge of evolving advanced tech stacks and related control and risk universe from a SOC perspective.
- Knowledge and expertise in conducting risk assessment and management.
- The ideal candidate will have a technical or computer science degree.
- Professional certifications: GCIH, CISSP, CEH, FOR608, CISM etc.