Incident Response-SOC Lead

In this role, you will have the opportunity to work closely with one of our esteemed clients. This client is a global leader known for its commitment to quality and innovation. They have chosen Dautom as their trusted partner for their upcoming projects.

Job Description:

1. Incident Response Process: Owns the critical process steps detection, validation, containment, and communication for security events and incidents such as malware infections, potential compromise, Distributed Denial of Service (DDoS), etc.
2. Security Incident and Event Management (SIEM): Drives our strategy for SIEM and oversees the effectiveness of the technology and process. Involves appropriate tuning, correlation of critical logs, connection to our incident response process, and reporting of relevant metrics.
3. Security Operations Playbooks: Create, maintain, and promote a set of security operation playbooks with Agilents IT teams to effectively trigger and execute the security incident response process.
4. Logging and Monitoring Across Infrastructure & Applications: Manages the current state of logging and monitoring, maintains a vision of ideal state of logging and monitoring, and drives a prioritized roadmap to reduce the gaps.
5. Internal / External Engagements: Act as a SPOC for all escalated client communications and handle the day-to-day operations of the Security Operations Centre reporting to the SOC Manager.

Required Skills:

Logging, Event Management, Steps Validation, Metrics, Infrastructure Strategy, Security Communication Management