i. Lead and manage a 24x7x365 Security Operations Centre providing technical oversight
ii. Lead staff to proactively identify, prevent and respond to security incidents
iii. Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
iv. Ensure compliance to Service Level Agreements (SLA), process adherence and process improvisation to achieve operational objectives and mitigate threats.
v. Revise and develop processes to strengthen the current operational activities; review policies and recommend changes to improve governance.
vi. Responsible for team management, scheduling, utilization of resources and initiation of corrective action where required for Security Operations Center.
vii. Management, administration & maintenance of security devices under the purview of SOC operations
viii. Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring.
ix. Responsible for integration of standard and non-standard logs in SIEM
x. Creation of reports, dashboards, metrics for SOC operations and presentation to client.
xi. Co-ordinate with stakeholders to build and maintain positive working relationship; this include subordinate SOCs supporting the organization.