Job Title: T&T | Cyber: D&R I SIEM | Deputy Manager | Mumbai
Key responsibilities
• Manage day-to-day SOC operations and incident triage on a 24x7 basis.
• Adhere to SLAs: MTTA, MTTR, MTTC, etc.
• Perform comprehensive analysis of tickets escalated by senior engineers for further processing and closure.
• Maintain the quality of incident analysis and recommendations with respect to the completeness and correctness of the information available for closing incidents.
• Correlate data from multiple log sources for a comprehensive understanding of threats.
• Provide recommendations to enhance use cases in production.
• Create and update relevant documentation, including root cause analysis (RCA) documents, as applicable for critical-severity incidents.
• Participate in SOAR workshops to recommend new playbooks and automation avenues; create requirement documents where needed.
• Create an IRC document for each use case and ensure the IRC document is reviewed quarterly.
• Support the preparation of reports and provide data for audit queries.
• Maintain SOC operations SOPs and perform annual reviews for relevant updates.
• Participate in workshops with the SOAR team to provide playbook recommendations and scenario-based testing.
• Manage shift rosters and publish them to the client.
• Use case reconciliation: provide recommendations based on BAU activities to enhance use cases in production, and raise concerns with the Content Management Team in a timely manner to reduce the false positive (FP) rate.
• Handle handovers and delegation of tasks appropriately, without gaps.
• Support audit submissions.
• Prepare and review the Escalation Matrix required for SOC BAU on a regular basis.