GSOC Azure Team Lead

Job Description

16- Aug- 2018GSOC Azure Team Lead136990BRJob Description1 GSOC Team Leader / Assistant Manager 1.1 Job Title GSOC Assistant Manager 1.2 Working hours Cover 24x7 service hours GSOC 8.5/ 7/ 365: Average 40 hours a week, Monday to Sunday. 1.3 Location Global Security Operations Center (GSOC) KPMGAdvant Navis Business Park6th Floor, Tower AI.T/ I.T.E.S ComplexNoidaUttar Pradesh201305India Limited Travel may be required within KPMG s global network of Member Firms.1.4 Job DescriptionKPMG s Global Security Operations Centre (GSOC) helps defend KPMG and its clients from cyber- attacks, through timely detection, investigation and remediation of potential threats.The role holder is responsible for the continuous investigation of correlated security event feeds and the appropriate escalation in case of an identified security incident. They are the primary contact for any suspected security incident and work together with the member firm local Computer Security Incident Response Team (CSIRT) and remediation team on resolving incidents and remediating threats to KPMG.The GSOC Team Leader manages the day to day operations of the GSOC Analysts and Senior Analyst on shift and acts as deputy operations manager out of core business hours.1.5 Responsibilities Manage the delivery of all GSOC services provided to Member Firms during shift. Including, but not limited to; Azure Security Monitoring and Alerting, Act as main contact for GSOC services during shift Deputise for the Deputy Operations Manager during out of business hours2 Manage Security Incident Queue, assigning tickets to Analyst by priority and age Ensure all Security Incident are handle to the required GSOC standards and KPIs Motivate, coach and measure effectiveness of team members Act as Subject Matter Experts for analysis functions, providing support on more involved cases and guiding the activity of other analysts through collaboration Investigate incidents using Azure Security features, SIEM technology, packet captures, reports, data visualization, and pattern analysis. Analyze, escalate, and assist in remediation of critical information security incidents. Improve and challenge existing processes and procedures in a very agile global and fast moving information security environment. Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks in support of technologies managed by the GSOC Act as the lead coordinator for the GSOC s response to individual cyber security incidents Identify and document containment and remediation efforts which successfully reduce risk Maintain documentation on residual risk, along with assignment of leadership owners and recommended steps for remediation Senior Analysts should have expert knowledge of:- Information security policies and goals- Log analysis and event traffic patterns- Azure, DLP, encryption, HIDS, NIDS, firewall technology- The current IT threat landscape and upcoming trends in security Responsible for taking action on alerts, events, and incidents escalated from the Analyst. Triage malware incidents, their priority and the need for escalation. Monitoring for emerging threat patterns and vulnerabilities. Assists with recommendations and workarounds. Coordinates with other external stakeholders. Communicates with management on incident updates. Able to complete the incident lifecycle without higher level supervision.1.6 Qualifications, experience and skills1.6.1 Mandatory 5 plus years of security experience preferable and 2 plus years of IT experience preferable Bachelors Degree in Computer Science, Computer Networking, or Computer Security or equivalent Experience of leading highly skilled teams in pressured, complex environments CISSP and/ or CISM Certifications or equivalent31.6.2 Technical Skills- Understanding of security features of Azure Advanced understanding of information security, border protection, incident handling & response, forensics, endpoint protection & encryption Strong understanding of computer science: algorithms, data structures, databases, operating systems, networks, and tool development Able to evaluate current people, processes, technology, and business drivers to improve the GSOC. Network infrastructure knowledge, advanced knowledge of TCP/ IP and Internet protocols. Experience with network forensics and packet and Netflow analysis, In- depth knowledge of infrastructure and Microsoft operating systems. Policy and Standard, Incident Management., Prioritisation, Technologies, Security, Testing, Monitoring, IT Change, Infrastructure, Application Understanding and experience using various security related exploits and tools Strong ability to communicate: write clearly and speak authoritatively to different audiences Advanced knowledge in; Firewalls, VPN, Intrusion detection and prevention systems, anti- virus and content filtering, URL filtering, authentication solutions, switches, routers, VoIP, DMZ. Ability to troubleshoot common network devices, network, vulnerabilities and network.CountryIndiaLocationNoidaOther Global locationsIndia - NoidaService LineIT AdvisoryContract TypePermanentFull Time / Part TimeFull Time,

Keyskills :
tcpdlpsiemriskcismagileazuredmzcisspvpnvoipids24x7