Experience: 7 - 9 years
Type: Full Time
Location: Gurgaon
Notice-period: Immediate/15 days
Budget: Up to 16 LPA
Technology: IT
Key Objectives and Major Responsibilities:
Cyber Security Program
- Lead Security Operations to meet the organization’s Cyber Security objectives & goals
- Communicate & work closely with IT Team, where operational security issues are identified
- Ability to anticipate and respond to changing priorities, and operate effectively in a dynamic demand-based environment, requiring extreme flexibility and responsiveness
- Partner with SOC and Incident Response teams in the event of a security incident to ensure timely mitigation and remediation efforts are completed
- Create and maintain security incident response plan and procedures.
- Communicate effectively, presenting complex technical matters clearly and concisely with audiences ranging from peers to Sr. Management
- Maintain current knowledge with respect to technologies and products both in house and in the market
- Recommend effective changes to enhance defense and response procedures
- Drive the team and evaluate, test, and select security tools and products
Stakeholder Management & Communication
- Ability to communicate technical ideas and strategies effectively to non-technical audiences, including executive leadership, via multiple mediums (e.g., written communications, verbal communications, presentations, etc.)
- Cybersecurity Technology Trends – Demonstrate a strong understanding of emerging trends in the cybersecurity technology landscape, including new technologies, processes, and ways of working
- Able to determine the impact of technological advancement on the company’s systems, applications, infrastructure, and practices
- Vendor/contract management – Ability to build effective relationships with third party providers, suppliers, and partners
SOC Operations and Incident Response
- Control & facilitate the identification, response, investigation, remediation, and reporting of information security incidents
- Manage advanced threat protection & strengthen the cyber incident response framework & capabilities
- Develop, implement, and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk
- Examine impacts of new technologies on the organization’s overall information security
- Create operational reports and dashboards for management on security operations
- Drive vulnerability management operations – Vulnerability identification to remediation.
Key Capabilities and Competencies
- In-depth knowledge of modern security concepts such as common attack vectors, malware, security analytics and threat intelligence
- Understanding of Cybersecurity Operations models and technologies (cloud, automation, orchestration, analytics, and risk-based approaches)
- Excellent understanding of major regulatory and industry standards such as NIST and the MITRE ATT&CK framework.
- Work closely with SOC partner, CERT-In and other similar bodies and act promptly on latest cyber threat advisories
- Experience with Endpoint Detection & Response (EDR/XDR), automation (SOAR) and SIEM tools.
- Ability to review, test (POC), finalize & propose Security tools, meeting organization requirements
- Ability to review the existing Cyber Security posture of the organization and highlight areas for improvement and potential gaps in cyber controls
- Fair knowledge and hands-on experience in Antivirus, Patching, systems hardening and server & endpoint protection
- Knowledge of and hands-on experience with tools and technologies like MFA, MDM, Data Discovery & Classification, NAC, Encryption, DLP, PAM, IPS/IDS, WAF, Firewall, Proxy, AD, O365, SOC operations, etc.
- Competence to review Vulnerability Reports and suggest/propose remedial actions
- Work closely with Security Partners and act promptly on Security Advisories and vulnerabilities
- Fair knowledge of regulatory guidelines, legislation, statutory requirements, and their application within the Company
- Good understanding of the information security principles, policies, practices, and implementation of next generation technologies
- Understanding of the nature of cyber threats and risks to the Company’s information assets
- Ability to correlate information & cyber security issues & mitigation plans with the Company’s overall strategy
- Ability to manage projects efficiently, with written and oral communication skills
- Ability to collaborate with functional teams and work closely on information security initiatives
Qualification and Experience
- Diploma/Bachelor’s Degree in Cybersecurity, Computer Science, Information Systems, related field, or equivalent training and/or experience
- CEH, GCIH, XDR certification or other Cyber Security Certifications would be an advantage
- Overall, 8-12 years of relevant experience in information security & crisis management. Preference shall be given to experience in Insurance tech, IT or BFSI.
- Knowledge of information security standards such as ISO, PCI etc.