Security Operations Manager

The position involves leading and managing the Global Security Operations Center, handling critical incidents and escalations, and contributing to the organization's security posture. The role requires experience with SIEM, threat intelligence, incident management, and enterprise security architecture, along with team leadership and vendor management.

• Handling critical incidents/escalations, reviewing incidents and tracking towards closure
• Good experience in SIEM tools, event logging and event analysis
• Good knowledge in enterprise security products like Firewalls, EDR, IPS, Web/content Filtering tools, Compliance tools
• Team Management, performance monitoring and prepare reports on weekly, monthly basis and share to stakeholders as needed
• Good knowledge about common security attacks, targeted attacks
• Good experience in forensic analysis, Packet Analysis tools like Wireshark, TCP Dump etc
• Good knowledge in Enterprise Security architecture
• Knowledge on compliance requirements and audits
• Assisting, mentoring L3/L2 analysts and groom them to move to next level
• Contribute to continue monitoring and improvement of security posture of the organization
• Having experience of managing team of 15+ team members across multiple locations

• Experience in Leading and managing Global Security Operations Center
• Proficient in Incident Management and Response
• Experience in security device management and SIEM (RSA / Splunk)
• In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
• Experience in threat management
• Knowledge of Operating Systems, applications, databases, middleware to address security threats against the same
• Proficient in preparation of reports, dashboards and documentation
• Excellent communication and leadership skills
• Experience in performing vendor management
• Good Analytical skills, Problem solving and Interpersonal skills
• Ability to handle high pressure situations with key stakeholders
• Experience in Threat Intelligence and deception
• Tools/Technologies - SIEM tools, SOC, Security Incident Management, Threat Intel, Malware analysis, Firewalls, IPS, Web/content Filtering tools, AV, APT Tools, Wireshark, TCP Dump, Encase/Any other Forensic tool kit

• Desire and ability to stay abreast of current and emerging technologies and apply them appropriately to business challenges
• Strong analytical and conceptual skills being a self-starter
• Experience with data gathering, complex data analysis and developing standardized reporting to support large organizational decision/support
• IT Financial Analysis and Reporting Experience

• Understanding of Crowdstrike, Cortex XSIAM, Google Chronicle.
• Understanding of Incident, Change, and Problem Management (ITIL)
• Understanding of Cyber Security incidents
• Understanding of Virtualization technologies
• Hands on experience on Event Monitoring Tools
• Understanding of Network, Server, AD , DC infrastructure

• Mid-Senior level

• Full-time

• Information Technology

• IT Services and IT Consulting

Pay and benefits: A candidate's pay within the range will depend on their skills, experience, education, and other factors permitted by law. This role may also be eligible for performance-based bonuses subject to company policies. In addition, benefits subject to company policies include medical, dental, vision, pharmacy, life, accidental death and dismemberment, disability insurance; employee assistance program; 401(k) retirement plan; 10 days of paid time off per year (some positions are eligible for need-based leave with no designated number of leave days per year);

and 10 paid holidays per year.