Manager - Data Security

Job Family Descriptor

• Experience in managing security products – PIM-Arcos, DLP - Forcepoint, DAM, Data Classification - Klassify,  EPP - Trend Micro, MDM Solution and any other technologies will be added advantage and any other technologies will be added advantage
• Analysis of escalated incident and define correlation rules
• Ensure all the critical logs are captured on SIEM
• Creating connectors/correlation rules/active list/reports
• Perform impact analysis for update and upgrade of SIEM and advance security solution
• Creating custom parser and creating flux connectors

Broad outline of the Role

• Ensure SLA are achieved & work proactively to maintain the same
• Strong working knowledge of operating systems security for Windows, Linux, Solaris, AIX, etc
• Strong working knowledge of hacking tools and techniques
• Strong experience in Incident Management cycle
• Monitoring the security environment/appliance/software/service that are critical to the business and IT infrastructure for the solutions in scope
• Responsible for scoped security solution/device administration, solution recommendation, Escalation resolution, maintaining Knowledge base, Escalation point for device issue resolution, Patch implementation, Rule base Management, version upgrades
• Apply investigation techniques to document root cause and impact of detected computer security incidents. 

Purpose - Broad objective of the role

• Exposure to server technologies and virtualization platforms for e.g. VMware, HyperV, OVM, RHEV etc.
• Expertise on Microsoft and Linux based OS (Desirable but not mandatory) 
• Keep track of latest threats and vulnerabilities

Operating Network - Key External

Operating Network - Key Internal

Size and Scope of Role - Financial

Size and Scope of Role - No. of direct reports

Size and Scope of Role - Total team size

Size and Scope of Role - Other size parameters

Minimum qualification & experience

• Education Qualification – B.E/ B. Tech/MCA with 8 years relevant experience in field of Information Security domain
• Possession of recognized industry certification- CISSP/CISA/CISM/or Any SIEM Technical certification
• Possess an impeccable work ethic and a high degree of integrity
• Good understanding of Information Security domain

Other knowledge/skills

• Good Analytical & Problem Solving skills
• Able to communicate with technical staff/management
• Flexible to work in extended hours if required
• Continuous learning & flexible approach

Key Responsibilities

• Experience in managing security products – PIM-Arcos, DLP - Forcepoint, DAM, Data Classification - Klassify,  EPP - Trend Micro, MDM Solution and any other technologies will be added advantage and any other technologies will be added advantage
• Analysis of escalated incident and define correlation rules
• Ensure all the critical logs are captured on SIEM
• Creating connectors/correlation rules/active list/reports
• Perform impact analysis for update and upgrade of SIEM and advance security solution
• Creating custom parser and creating flux connectors
• Ensure SLA are achieved & work proactively to maintain the same
• Strong working knowledge of operating systems security for Windows, Linux, Solaris, AIX, etc

Technical Competencies

• Experience in managing security products – PIM-Arcos, DLP - Forcepoint, DAM, Data Classification - Klassify,  EPP - Trend Micro, MDM Solution and any other technologies will be added advantage and any other technologies will be added advantage
• Analysis of escalated incident and define correlation rules
• Ensure all the critical logs are captured on SIEM
• Creating connectors/correlation rules/active list/reports
• Perform impact analysis for update and upgrade of SIEM and advance security solution
• Creating custom parser and creating flux connectors
• Ensure SLA are achieved & work proactively to maintain the same
• Strong working knowledge of operating systems security for Windows, Linux, Solaris, AIX, etc

Knowledge / Skills