Provide technical leadership for the delivery team, responsible for L3 incident resolution.
Coordinate SOC efforts across multiple business units during response.
Contribute towards Technology Transformation and drive automation initiative
Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/Log Management platforms.
Perform hunting exercises using threat intelligence, analysis of anomalous log data and results of historical events and data to detect and response to threats
Conduct proof-of-concept reviews for new security products.
Prepare reports, summaries, and other forms of communication that may be both internal and client facing.
Maintaining familiarity with industry trends and security best practices.
Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives.
Work/guide on scripting like Python, Perl, Bash and/or Shell scripting
Evaluating Email Security solutions for policies like Sender Policy Framework(SPF) and Domain Keys Identification Mail(DKIM), recommend finetuning.
Effectively communicate/present security concepts with both technical and non-technical individuals
Author post mortem reports to be provided to senior leadership following an intrusion or red team engagement.