SOC VM vulnerability mgmt L3

Role: SOC VM (vulnerability mgmt.) L3

Location: Phoenix AZ Day 1 Onsite

Job Description:

• Minimum 8 years of experience.

• Provide technical leadership for the delivery team responsible for L3 incident resolution.
• Handson experience in 2 or more of the Vuln Assessment tools and Vuln. Lifecycle management
• Well conversant in Qualys Tenable rapid7 & MS Defender covering both VM & Policy compliance scanning.
• Exposure to Mitre framework and equivalent Handson experience in EDR platforms and threat analysis threat hunting/incident response experience

• Coordinate SOC efforts across multiple business units during response.

• Contribute towards Technology Transformation and drive automation initiative

• Develop implement and execute standard procedures for the administration content management change management version/patch management and lifecycle management of the SIEM/Log Management platforms.

• Perform hunting exercises using threat intelligence analysis of anomalous log data and results of historical events and data to detect and response to threats

• Conduct proofofconcept reviews for new security products.

• Prepare reports summaries and other forms of communication that may be both internal and client facing.

• Maintaining familiarity with industry trends and security best practices.

• Ensure compliance to SLA process adherence and process improvisation to achieve operational objectives.

• Work/guide on scripting like Python Perl Bash and/or Shell scripting

• Evaluating Email Security solutions for policies like Sender Policy Framework (SPF) and Domain Keys Identification Mail (DKIM) recommend finetuning.

• Effectively communicate/present security concepts with both technical and nontechnical individuals

• Author postmortem reports to be provided to senior leadership following an intrusion or red team engagement.

• Handson experience in 2 or more of the SIEM Analysis and use case management areas

• Advocate protection and mitigation strategies to be implemented from lessons learnt exercises

• Strong knowledge and work experience in handling vulnerability assessment on cloudbased architecture using Prisma cloud Wiz.io etc.
• Other tools knowledge pertaining to CSPM AND ASM will be preferred in addition.
• Experience in defining implementing and consulting for vulnerability management framework based on enterprise security.
• Overall knowledge in VM process and remediation Governance. Ability in working with the Business to effectively communicate the risks of identified vulnerabilities and recommend approach for addressing vulnerabilities.
• Collaborating with stakeholders for remediation and providing updates to customers on a weekly and monthly basis. Working knowledge in SNOW threat monitoring tool and Risk based vulnerability assessment integration Platform.
• Development revision and maintenance of Standard Operating Procedures and other Operational Documents

Soft skills

• Shall have good verbal/written communication skills
• Should be willing to work in 24x7 environments
• Incumbent should carry continual system improvement mindset and able to demonstrate in work.