Proficio is hiring a
Cybersecurity Operations manager

Summary

The job is for a Cybersecurity Operations Manager in India at Proficio, a managed detection and response services provider. The role involves managing cybersecurity operations on a 24/7 basis, engaging with internal stakeholders, leading engineering, monitoring, and management of various products, and providing human resources management.

Responsibilities

• Engage with internal stakeholder in various security incident management activities
• Develop (and oversees) metrics and Key Performance Indicators designed to illustrate program performance, alert fidelity, and how the SOC contributes to a reduction in overall enterprise risk
• Own/Manage quality assurance reviews for response actions taken, and address deficiencies as necessary
• Manage/Coordinate the design and onboarding of new technologies, alerts and associated response playbooks and procedures alongside Threat Detection, SOAR, and other Subject Matter Expert Teams
• Manage day-to-day operational support of the SOC, troubleshooting and maintenance of Security related processes, controls, or products
• Manage the planning, analysis, configuration, testing, documentation, and implementation of new or upgrades to security processes, controls or products as directed
• Participate and lead activities or team to resolve cyber incidents and ensure proper procedures are followed throughout lifecycle of an incident
• Respond to audits and other assurance reporting needs related to SOC activities
• Understand and provide input to the budget process and share responsibility for cost-effective expense control of assigned projects
• Evaluate/recommend purchases and/or licensed software products to identify and address security exposures
• Participate/lead Security and enterprise projects as assigned
• Represent team at design and new technology meetings
• Provide human resources management, including coaching, performance management, team development and growth, and workforce planning
• Lead the engineering, monitoring, and management of the following products: MSS/ HIPS/ SIEM/ WAF/ Firewall Security Operations
• Cyber security incident management on 24x7 basis with help of staff members. Manage service requests and tickets and follow-up with SOC for service status
• Update the operations procedures/ standards and keep up-to-date and reinforce security
• Manage end to end incident resolution by contacting on incidents, alerts triggered by SOC
• Establish security conference calls in case of incidents that are not acknowledged by respective team within 30 minutes of notification
• Lead, coordinate and report on response and resolution of security incidents and advise the site engineers on incident analysis and ensure a successful closure of information security incidents
• Review the firewall rules on an annual basis and provide a report to security leads
• Management and supervision of: Spam analysis of alerts received from end users and provide solutions
• Virus analysis and recommend the course of action for quick remediation
• Ticket creation with Barracuda for viruses/ spams to be blocked in future
• Support for procedures/ standards update
• Supervision of: External Penetration Testing via third parties
• Internal Scans using internal tools
• Web content filter management and incident resolutions
• Manual log monitoring and raise incident for affected users
• Monitoring of incidents, alerts triggered by SOC
• Ticket creation on service desk tool
• Onsite Shift Leads and their work
• New Security Projects and engineering work
• Prepare month report for IDS
• Prepare month report for Spam Filter
• Prepare weekly report for anti-virus
• Prepare monthly report for web content filter
• Prepare monthly report for SIEM
• Prepare monthly report for NAC, WAF and EDR
• Prepare monthly report for Security Management
• Design and implement vulnerability management and application security program for the group
• Manage Annual Vulnerability Assessment and Penetration Testing (VAPT) program of web applications, Mobile applications, thick clients and API's clients
• Integration of Security scanners in the CI/CD pipeline
• Work with the application team to achieve secure product lifecycle
• Perform static application security testing (SAST), dynamic application security testing (DAST) for the applications
• Improve security releases, lead, and influence cross-functional positive changes
• Drive the most difficult or highly complex application security reviews and threat modeling. Provide expert guidance and direction for other team members when they encounter challenges in their security reviews
• Own documentation and procedures surrounding application security reviews as well as lead by example for what successful application security reviews look like
• Have significant ownership in and evangelize security training with development teams
• Drive initiatives which scale application security and holistically address multiple vulnerabilities
• Manage the implementation of web seal on the Content portals

Benefits

• Opportunity to work in a progressive organization with structured training and roadmap for success
• Health benefits, lunches, gym reimbursement, and internet funding for our India staff!