SOC Lead

Full Time
Posted 2 years ago

Job Title: SOC Lead
Location: Frisco, Texas
Duration: 6 Months

Job Description:-
Keywords to look for – SOAR, Azure Security Center, SIEM, Azure Sentinel, Splunk, QRadar
Minimum experience in SIEM – 5 years.
General Purpose:-
Candidate is responsible for the design, implementation, and operational success of a SIEM Engineering team within Managed Security Services.
This includes managing the people, processes, and technologies required to deliver an efficient and effective SIEM Engineering service while supporting multiple clients across several SIEM technologies.
Qualification:-
Bachelor's degree and certification preferred
Excellent and effective communication skills
Ready to work in 24x7 shifts
CISSP, CISM, or another managerial-level information security certification
Tasks and Responsibilities:-
Candidate must know MS Sentinel
10+ years with SIEM solutions such as Splunk/HP ArcSight
Creating playbooks to implement SOAR
Implementing use cases and log management
Creating workbooks to implement dashboards and apps
Following up with the client on any enhancements to existing cyber security measures
The job also involves identifying potential threats and enhancing existing cyber security measures as per specifications or policy guidelines
When a security incident is declared, execute the incident response process and document it
Operate the console of the security information and event management tool (SIEM – MS Sentinel)
Read scripts; modify and debug programs
Develop custom parsers to parse logs from different sources including firewalls, operating systems, applications, etc.
Work on various operating systems and platforms
Work with word processors, spreadsheets, and presentations.
Technical skills required:
Candidate must have MS Sentinel experience
Hands-on experience with Kusto Query Language (KQL)
Information security skills and experience with SIEM technologies especially Azure Sentinel and other technologies associated with SIEM (IDS/IPS, routers/switches, network and application layer firewalls, log aggregators, etc.)
Candidate must have L3 SOC experience
Candidate can play the Escalation Manager role for MS Sentinel
Able to work closely with the customer on high-severity security incidents, so knowledge of AD/O365/Windows 10/AV/SCCM is a must; able to review the environment, new features, and new requirements in MS Sentinel and work with the customer; knows Syslog
Key Requirements:-
Knows MS Sentinel, specializes in L3 SOC analysis, and checks/reviews the work done by the offshore team and guides them accordingly
Can play the escalation manager role for MS Sentinel
Can work closely with the customer on high-severity security incidents, so knowledge of AD/O365/Windows 10/AV/SCCM is a must
Can review the environment, new features, and new requirements in MS Sentinel and work with the customer
Can write KQL queries for all correlation rules provided by the client and according to requirements, and guide/review/correct the rules written by the offshore team; knows Syslog parsers

Job Features
Job Category: SOC LEAD
Experience: Entry Level