Key Skills Required
- Prior experience working in Security operations Tier-2 team.
- Hands-on experience performing in-depth analysis of escalated incidents.
- Ability to manage SOC runbook portfolio and suggest recommendations for improvement.
- Hands-on Splunk SIEM experience with ingestion, indexing, query optimization, and runbook health checks.
- Incident management on ServiceNow, assignment queue management, and workflow optimization.
- Good communication and presentation skills to document and share critical incident reports with stakeholders.
- Understanding and alignment with SOC performance metrics, productivity metrics, and other metrics.
- Prior experience working on FedRAMP projects is preferred.
Experience Required
- 4+ years of relevant security or networking operations center experience working in multiple client environments.
Roles & Responsibilities
- Continuous monitoring, detection and response operations based on escalation received from SOC Tier 1.
- Collaborate with product engineering teams to resolve the incident.
- Provide recommendations for remediation.
- Convene an emergency response team if necessary and engage the customer’s points of contact within the escalation protocol.
- Align with Incident Response Plan for incident severity and response time measurement.
- Continuously update and improve security controls based on new threats and compliance requirements.
- Manage FedRAMP approved documentation repository and materials specific to Incident Response.
- Incident response plan alignment with company’s Incident Management policy.
Salary Range: $58,600-$90,000 a year