Manager Information Security Operations (SOC)

Masters / 4 years Bachelors in Information Security / Computer Science / Information Technology / Project Management / Business Administration from some reputed foreign or HEC-recognized institution / university.

• Candidate having 7+ years proven experience of the development, implementation, and maintenance of corporate-wide Information Security Policies, Programs, Standards and technologies with respect to Security Operation Center (SOC).
• Professional security management certification like ISO 27001, CISM, CISSP, CEH, CISA, COBIT, CompTIA Security+, Certified SIEM/SOC administrator.
• Knowledge of disaster recovery, computer forensic tools, IT audits, technologies and methods.
• Professional experience in a Security Operation Center (SOC) role supporting multiple platforms and applications.
•  Ability to communicate information (cyber/network/data) security issues to peers and management.
• Experience designing secure networks, systems and application architectures.
• Direct experience with anti-virus software, intrusion detection, firewalls and content filtering.
• Knowledge of SOC / Information security / risk assessment tools, technologies and methods.
• Require an excellent working knowledge of UNIX, Windows, and other operating system platforms.
•  Thorough understanding of established security and data sharing standards, such as SOX, HIPAA, and ISO, to ensure organizational compliance.
• Strong problem-solving skills
•  Excellent communication skills both verbal & written.

Responsibilities:

• Provide assistance to develop, maintain and implement information security/cyber security/ network security processes / framework / methodologies related to operations.
• Provide assistance to develop, implement, and maintain corporate-wide Information Security Policies, Programs, Standards and technologies.
• Provide assistance to develop, maintain, enhance, implement and monitor information (Cyber/network/data) security management / information risk management processes / framework / methodologies compliance against CIA (Confidentiality, Integrity, and Availability).
•  Ensure the confidentiality, integrity and availability of organization's information, data and IT services.
• Manage to provide a secure, reliable platform (security operation center – SOC) organization-wide and to authorized third parties with the assurance that the platform is appropriate to process sensitive information.
• Maintaining the Security Information & Events Management (SIEM) solution with the components for high availability & Scrutiny of log files.
• conduct information security awareness sessions / workshops on regular basis.
• Support in providing a centralized management structure for all operation related information security functions.
• Monitor all operations and infrastructure.
• Maintain all security tools and technologies.
• Ensuring incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
• Ensuring compliance to policy, process, and procedure adherence and process improvisation to achieve operational objectives.
• Perform IT security risk assessments and reporting on ways to minimize threats.
• Monitor security vulnerabilities and hacking threats in network and host systems.
•  Tracking latest IT security innovations and keeping abreast of latest cyber security technologies
•  Ensure disaster recovery & business continuity.
•  Perform internal information security audits on regular intervals against all technologies.
• Communicate with key stakeholders about IT security threats.
•  Implement an effective process for the reporting of security incidents.
• In Case of a Security Breach, leads incident response activities to minimize the impact of a Security Breach. 
• Technical and forensic investigation into how the breach happened and the extent of the damage.
• Overseeing the investigation of reported security breaches.
•  Develop strategies to handle security incidents and trigger investigations.
• Manage/deliver training, coaching, and mentoring to information security team members.
• Comply with the latest regulations and compliance requirements.
• Keep organization updated about the latest security strategies and technologies.
• Ensure compliance to legal, regulatory & contractual information security requirements.
•  Responsible for overall use of resources and initiation of corrective action where required for Security Operations Center (SOC).
• Ensuring daily management, administration & maintenance of security devices to achieve operational effectiveness.
• Creation of reports, dashboards, metrics for SOC operations and presentation to Senior Management.
•  Manage staffing, including recruitment, supervision, scheduling, development, evaluation, and disciplinary actions.
•  Establish operational foundations, defining metrics and KPIs to drive governance, quality, and efficiency.  Influence and improve existing processes through innovation and operational change
• Ensure that cybersecurity is truly a central part of organizational culture, keeping stakeholders at all levels informed and vigilant.
•  Co-ordination with stakeholders, build and maintain positive working relationships with them
• Any task assigned by management.