SOC Lead/Security Consultant

Background:

Positka is a Singapore based boutique consulting firm with blue chip multinational clients. Positka provides a broad range of outcome based cybersecurity offerings. These include consulting and advisory services, designing and implementing of solutions (across prevention, detection, monitoring and response), and managed security services.

Positka are looking for highly motivated and exceptionally driven people to join their fast-growing consulting practice. On offer is an opportunity to be part of an entrepreneurial journey, to work with the best professionals in the world and to achieve outstanding financial rewards.

Positka is committed to investing in training / upskilling and providing opportunities to work across key security domains (such as Cloud, Zero trust, Identity & Access, Data, OT) and with emerging technologies (such as Deception, SASE, Breach and Attack Simulation, etc.)

Role Description

If you are a security enthusiast with demonstrable experience in security domain, we would like to talk to you. We are looking for a security expert with strong hands-on experience and broad knowledge across the security domain.

The ideal candidate should have managed a SOC team of 10+ SOC analysts, is an expert in at least two of the security domains (monitoring & response, data security, application security, endpoint security, network security, perimeter security, cloud security, risk & compliance) and have hands on experience on at least SIEM and two other security technologies (such as SOAR, IPS/IDS, EDR, TI, DLP, CASB, PAM etc.).

Candidate will be expected to:

• Responsible for the security monitoring & log analysis of multi-vendor security solutions

• 24x7 alerts monitoring and tracking Incidents on SIEM and EDR, reporting & escalation, regular SIEM administration, definition and enforcement of network & cloud security policies, research on new security technologies and create roadmap for implementing them in SOC,

• Formulating and implementing monitoring policies, procedures and standards relating to SecOps and security domains network security, data security, cloud security, zero trust, etc.

• Automated response to security incidents (malware infections, un-authorized access, malicious emails, DDoS attacks, etc, together with evaluating the type, nature and severity of security events (security assurance/security compliance) through the use of a range of security event analysis tools

• Assess security technologies and data in place to propose relevant Security use cases (mostly from security incidents monitoring perspective)

• Work with SIEM and SOAR technical team to design new security use cases and provide functional requirements

• Enhance SOC service capabilities and offerings across key security domains and solution areas.

• Deliver security consulting and security implementation projects.

• Engage with potential clients (senior executives) on broad security domain discussions (topics can be related to basics of SecOps processes, Security architecture design, ISO security standards, NIST standards, Threat Intelligence, security analytics, Identity and Access Management, Network security, IDS/IPS, VAPT, etc.)

• Work with CISO/CIO to create a SOC maturity roadmap and then execute it

• Speak at in-house and partner marketing events/webinars on the trending security topics of interest

Experience, skills, education

- Educational qualification: Engg/BCA/MCA or any other technical degree.

- Industry certifications like CISSP, CCSP, CRISC, etc. and/or OEM certifications such as CCNA, AWS certified, Azure certified, etc. will be an added advantage

- 7+ years of experience working across at least two of the security domains (monitoring & response, data security, endpoint security, network security, perimeter security, cloud security)

- 5+ years of hands-on experience on leading analytical platform like Splunk, Qradar, Sentinel, Arcsight. Knowledge on other security technologies (such as SOAR, IPS/IDS, EDR, TI, DLP, CASB, PAM etc.) will be added advantage

- Manages a team of L2/L3 SOC analyst (not L1 alone)

- Drives monthly/weekly customer engagement sessions on SOC performance and connects with CIOs/CISOs on security strategy discussions

- Should have solid knowledge on high-level security architecture and relevant security KPIs

- Strong communication (written / oral) skills, presentation skills, consulting skills

- Strong Problem solving and analytical skills

Location

- The role location is Chennai.

- Ability and willingness to travel will be essential.

Remuneration: Competitive to the market.

Interview Process: Approximately 3-4 rounds of interview, including an assignment to be submitted after the first round.

Contact: [email protected]