SOC Team Lead

About The Position

Requirements

• Good communication skills and has the ability to work across multi-cultural environment.
• Strong analytical and problem solving skills; research skills as the role requires conducting research on latest information regarding vulnerabilities and cyber-attacks.
• Understanding of common network services (web, mail, FTP, etc), network vulnerabilities, and network attack patterns
• Willing to work flexible schedules, sometimes overnight shifts

Nice To Haves

• Certification in Sec+, CySA+, CASP+, CEH, GCIH, ISC2 CC(Certifications can include any vendor certifications or general network security certification.)
• With at least 6 years of experience of team handling,
• With proven expertise in customer service handling escalated cases as the role will be client-focused working on large-scale organization as first line of escalation.
• Broad experience of technologies including but not limited to; Firewalls, IPS & IDS, Active Directory, Windows Server, Linux, TCP/IP, Networks, AWS, CDN's, Vulnerability management, SIEM Architecture, EPP, EDR, AV, and DRM.
• Background in Linux/Windows System Administration
• With at least basic to intermediate knowledge with the fundamentals of cybersecurity such as Security Administration, Incident Handling, Containment, Recovery, and Mitigation
• Knowledge in Threat Hunting, and Reverse Engineering
• Background and strong exposure on Use Case Management
• Knowledge and experience in IT Security (Physical, hardware and software)
• Experience with security assessment tools (NMAP, ISS, NESSUS) is preferred.

Responsibilities

• Monitor and analyze IDS/IPS, NIDS/NIPS, UTM, EDR, EPP, Windows Event and Security Logs, and Security Incident and Event Management (SIEM) toolset event logs to identify security attacks and threats for remediation/suppression.
• Assist in Computer Security Incident Response activities for large organizations as a first line security analyst to identify various malicious threats in enterprise environments.
• Ensure timely accurate communications of alerts to IT, Network or Security groups regarding intrusions and compromises to their network infrastructure, applications and operating systems.
• Assist Senior Analysts with the implementation of counter-measures or mitigating controls.
• Primary escalation for L1 Security Analysts, and ensures that workload is managed and distributed well to analysts.
• Perform Technical Audits on a monthly basis to ensure that SLA, and Incident Tickets contain valuable information that is highly important to clients.
• Facilitate trainings, and mentoring to L1, and L2 Security Analysts to ensure accuracy, and timeliness of incident handling.
• Accountable for changes to policy and guidelines, to improve operational effectiveness and efficiency.