Logo
Insight Global

Security Operations Manager

Insight Global, Richmond, VA, United States

Required Skills & Experience

  • Minimum 6-year total experience with minimum 3+ years in a security operations environment - Have minimum 2 years’ experience managing a team of people. - Have minimum 2 years’ experience in client facing roles. - Good understanding of SIEM SOC concepts and operations - Clear technical and operational understanding of areas worked in - Good verbal & written communication skills

Nice to Have Skills & Experience

Engineering graduate – preferably B.E. /B tech in I.T of Computer Engineering One Certification Preferred – CCNA or CEH

Job Description

Ensure all threats at customer environment are detected and notified in timely manner. Ensure customer deliverables are being provided as per agreed service level agreements. Understand customer requirements and translate these into service outputs. Keep track of scope and scope deviations, scheduled and adhoc deliverables. Work with platform administration function to ensure integration of new devices, ensure health of monitoring infrastructure. Ensure threat scenarios and operating procedures are in line with best practices and customer expectations. Strong analytical and technical skills in computer network defence operations Incident Handling (Detection, Analysis, Triage) Hunting (anomalous pattern detection and content management). Prior experience of investigating security events. Should be able to distinguish incidents as opposed to non-incidents. Working knowledge of - operating systems - network technologies (firewall, proxy, DNS, Netflow) - Active Directory - Network communications and routing protocols (e.g., TCP, UDP, ICMP, BGP, MPLS, etc.) - Common internet applications and standards (e.g., SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.). Identify Gaps and Proactively fix what is Committed vs Delivered: - Monitoring log sources as per scope are very crucial to SOC operations. SOC Lead should ensure governance and validity of in-scope/out-of-scope log sources. - Ensure that each log source has use cases, hunting models, and no threat detection aspect is getting missed. - Gap analysis based on customer domain / business applications / technology deployed etc: SPOC: Response to client problems/requirements: - First response to the customer queries and complete ownership till query is addressed. - Log source integration/decommission etc. - coordinating with other internal units within Atos for timely response to client. Show value/benefits of the delivery (MDR) during MIS/QBR meetings - Timely closure of operational tasks - Articulate SOC value add, proactive threat detection, new feature releases, etc. in MIS/QBR meetings.