
Eviden is hiring: Security Operations Specialist in Reston

Eviden, Reston, VA, United States


SOC Lead Manager - MDR (SOC)

Experience Range: 8+ years


Key Responsibilities:


  • Represent the SOC findings in customer calls – highlight the value added by the SOC, understand the gaps (if any) raised by the customer and work towards fixing them.
  • Distinguish incidents from non-incidents, so as to:

o hold meaningful/intelligent conversations with customers, and

o lead the team in the right direction.

  • Steer the team of Analysts and Sr. Analysts on Incident Handling (Detection, Analysis, Triage, and Response) processes. Also, guide the team on client processes so that the team consistently meets the 99% SLA requirements on notification, investigation, response, and remediation.
  • Coordinate with Account Management (customer relationship management team) to set healthy expectations with the client and improve the SOC's deliverables.
  • Ensure all threats in the customer environment are detected and notified in a timely manner.
  • Ensure customer deliverables are provided as per the agreed service level agreements, operating procedures are documented, and change requests are tracked/approved.
  • Understand customer requirements and translate these into service outputs.
  • Ensure that the incident analysis runbooks, incident response runbooks and standard operating procedures are built, maintained, and kept in line with best practices and customer expectations.
  • Keep track of scope and scope deviations, and of scheduled and ad hoc deliverables.
  • Work with the platform administration team to ensure integration of new devices and the health of the monitoring infrastructure.
  • Working knowledge of:

o operating systems

o network technologies (firewall, proxy, DNS, NetFlow)

o Active Directory

o network communications and routing protocols (e.g., TCP, UDP, ICMP, BGP, MPLS, etc.)

o common internet applications and standards (e.g., SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.)

  • Identify gaps and proactively fix what is committed vs. delivered:

o Monitoring the in-scope log sources is crucial to SOC operations. The SOC Lead should ensure governance and validity of in-scope/out-of-scope log sources.

o Ensure that each log source has use cases and hunting models, and that no threat detection aspect is missed.

o Perform gap analysis based on the customer's domain, business applications, technology deployed, etc.

  • SPOC: respond to client problems/requirements:

o First response to customer queries, with complete ownership until the query is addressed.

o Log source integration/decommissioning, etc.

o Coordinating with other internal units within Atos for a timely response to the client.

  • Show the value/benefits of the delivery (MDR) during Periodic Service Review (PSR) meetings:

o Timely closure of operational tasks.

o Articulate SOC value add, proactive threat detection, new feature releases, etc. in PSR meetings.


The candidates should have:

  • Strong analytical and technical skills in computer network defence operations.
  • Prior experience of investigating security events and leading a team.
  • Good understanding of SIEM and SOC concepts and operations.
  • Clear technical and operational understanding of the areas worked in.
  • Good verbal and written communication skills.


Qualification:

  • Engineering graduate, preferably B.E./B.Tech in I.T. or Computer Engineering.
  • Preferred Certifications – CISSP, CISA, CCNA, CEH.