Manager - Information Security
Niyo
IT
Bengaluru, Karnataka, India
Posted on Feb 21, 2025
Niyo's Information Security function is looking for high-performing, self-driven, motivated team players
for the role of SOC Manager, who will own end-to-end responsibility for the security operations
centre and incident management within the SOC function.
AREA OF RESPONSIBILITIES:
▪ Plan and manage SOC operations and related activities.
▪ Lead the required system configuration for SOC/SIEM, log aggregation, and detection and
prevention rules to improve effectiveness.
▪ Direct the functions, processes, and operations of the SOC and ensure standard SOPs are
followed.
▪ Lead the continuous monitoring operations of the SOC to ensure optimal identification and
resolution of security incidents and to enhance security.
▪ Document the security/incident response playbook.
▪ Manage the SOC team and individual responsibilities.
▪ Ensure SLA compliance and adherence to related processes, reviewing improvement
opportunities to meet operational objectives.
▪ Ensure documentation and research of security incidents received via the SOC.
▪ Develop and maintain an incident response management program that includes incident
detection, analysis, containment, eradication, recovery, and chain of evidence / forensic
artifacts required for additional investigations.
▪ Periodically undertake incident response simulations and drills to test effectiveness.
▪ Create and publish reports, dashboards, and metrics for SOC operations and present them to
the Department Head / Management.
▪ Provide the Department Head / Management with a realistic overview of risks and threats in
the technology environment.
▪ Manage the process improvement program for SOC processes.
▪ Conduct scheduled and ad hoc training exercises to ensure staff are current with the latest
threats and incident response techniques.
▪ Provide direction, leadership, and management to SOC personnel.
▪ Act on relevant responsibilities arising from Information Security Incident Management and
Response planning.
▪ Analyse and investigate incidents / breaches and document the required report and
communications.
▪ Undertake malware/incident forensics and memory imaging for detailed analysis where
required for any forensic purpose.
▪ Optimise rules and alerts according to the severity of the threat perceived from specific events.
▪ Document and maintain the SOC manual, procedures, response plan, runbooks, and associated
processes for continuous improvement.
▪ Build use cases and correlation alerts in the SIEM for continuous security monitoring.
▪ Review/configure preventive rules on EDR, WAF, DLP, and other security tools.
▪ Conduct periodic log reviews across infrastructure and applications for anomalies and policy violations.
▪ Interact with relevant stakeholders for risk mitigation, corrective action, and root cause
analysis.
▪ Periodically review rules/configuration as per standard procedure / CIS.
▪ Continuous vulnerability management and policy management with SIEM and vulnerability
assessment tools.
▪ Maintain an up-to-date asset inventory for monitoring potential threats and for discovery of
authorised/unauthorised/rogue assets.
▪ Report on continuous attack surface monitoring and analysis.
▪ Identify, assess, and resolve complex issues within own area of responsibility.
DESIRED SKILLS:
▪ Has handled SOC L1/L2/L3 responsibilities.
▪ Hands-on experience with security tools including SIEM, IDS/IPS, log orchestration, malware
forensics, sandboxing, etc.
▪ Certification on any of the SIEM solutions.
▪ Hands-on experience with malware forensics and breach investigation.
▪ Familiar with security best practices in IaaS/PaaS services such as AWS, Azure, and Google
Cloud.
▪ Familiar with the MITRE ATT&CK framework.
▪ Knowledge of security logging and compliance-related administration in the cloud, such as AWS
Config, CloudTrail, GuardDuty, Inspector, VPC Flow Logs, CloudWatch log metrics, etc.
▪ Experience in threat hunting, OSINT, dark web analysis, and compromise assessment.
▪ Good understanding of client/server architecture, the TCP/IP model, and network topology.
▪ Familiar with the OSI model and the data units associated with each layer, such as the network
layer and its data units: packet, fragment, frame, datagram, and segment.
▪ Familiar with multiple operating system platforms such as Windows, Linux, and Unix.
▪ Familiar with popular commercial / open source tools and techniques used by attackers.
▪ Familiarity / hands-on experience with open source SIEM and logging/monitoring solutions such as
Wazuh, OSSIM, OSSEC, Security Onion, Snort, and Suricata.
▪ Familiarity / hands-on experience with the ELK Stack (Elasticsearch, Logstash, Kibana).
▪ In-depth knowledge of security testing methodology and other internationally recognised
industry standards and guidelines, including the CIS Controls.
▪ Demonstrated strong understanding of open source technologies, frameworks, tools, and
trends.
▪ Strong scripting skills (e.g., Python, shell scripting, etc.).
▪ Up to date on general cyber security risks and the threat landscape.
▪ Aware of the general cyber security practices needed by computer and internet users.
▪ Strong written and verbal communication skills: the ability to communicate security and
risk-related scenarios to both technical and non-technical stakeholders.
▪ Strong knowledge of Word, Excel, and PowerPoint for professional documentation.
▪ Ability to work nights and/or weekends as per urgency / requirement.
ELIGIBILITY:
▪ BCA / BSC / B Tech (CS/IT) / BE (CS/IT) / Diploma holder (IT / Computer / Network)
▪ Work experience: 7-10 years of total work experience.
- 4+ years of experience handling a SOC.
- At least 7 years of overall experience in information security domains.