Cybersecurity Operations Manager

Proficio is an award-winning managed detection and response (MDR) services provider. We provide 24/7 security monitoring, investigation, alerting and response services to organizations in healthcare, financial services, manufacturing, retail and other industries. Take a video tour of our global network of 24/7 Security Operations Centers (SOCs).

Proficio has been highlighted in Gartner’s Market Guide for Managed Detection and Response Services for the last five consecutive years. MSSP Alert ranks Proficio among the top 250 global Managed Security Services Providers (MSSPs).

We have a track record of innovation. Proficio invented the concept of SOC-as-a-Service. We were the first MSSP to provide automated response services and are the only company in our space with a patent for cyber risk scoring and security posture gap analysis.

Our typical client is a medium to large-sized organization that lacks the in-house resources to address the challenges of a rapidly changing threat landscape. The difficulty of hiring and retaining cybersecurity professionals are widely understood. Our prospective clients are also challenged to effectively harness technology and build hardened processes that reduce the risk of security breaches.

While Proficio has developed a unified service delivery platform designed to meet the needs of the most demanding clients, what sets us apart is the quality and passion of our people. We believe the SOC of the Future will meld the creativity of human intelligence with the power of advanced technologies like AI.

Proficio’s commitment to developing and promoting our team members is unparalleled in our industry. Most of our senior managers were promoted from within.

Proficio is hiring a Cybersecurity Operations Manager in India to provide SOC management services exclusively to an APAC customer. This role will lead and manage Cybersecurity Operations by running smooth Cybersecurity operations and incident response on 24x7 basis. Manage internal and external Application security (Ext. VAPT, Internal VAPT); introduce and reinforce Cybersecurity solutions and controls for our customer.

Requirements

Cybersecurity operations responsibilities

Engage with internal stakeholder in various security incident management activities.

o Develop (and oversees) metrics and Key Performance Indicators designed to illustrate program performance, alert fidelity, and how the SOC contributes to a reduction in overall enterprise risk

o Own/Manage quality assurance reviews for response actions taken, and address deficiencies as necessary

o Manage/Coordinate the design and onboarding of new technologies, alerts and associated response playbooks and procedures alongside Threat Detection, SOAR, and other Subject Matter Expert Teams

o Manage day-to-day operational support of the SOC, troubleshooting and maintenance of Security related processes, controls, or products.

o Manage the planning, analysis, configuration, testing, documentation, and implementation of new or upgrades to security processes, controls or products as directed.

o Participate and lead activities or team to resolve cyber incidents and ensure proper procedures are followed throughout lifecycle of an incident.

o Respond to audits and other assurance reporting needs related to SOC activities.

o Understand and provide input to the budget process and share responsibility for cost-effective expense control of assigned projects.

o Evaluate/recommend purchases and/or licensed software products to identify and address security exposures.

o Participate/lead Security and enterprise projects as assigned.

o Represent team at design and new technology meetings.

o Provide human resources management, including coaching, performance management, team development and growth, and workforce planning.

Responsible for leading the engineering, monitoring, and management of the following products

MSS/ HIPS/ SIEM/ WAF/ Firewall Security Operations

o Cyber security incident management on 24x7 basis with help of staff members. Manage service requests and tickets and follow-up with SOC for service status.

o Update the operations procedures/ standards and keep up-to-date and reinforce security

o Manage end to end incident resolution by contacting on incidents, alerts triggered by SOC.

o Establish security conference calls in case of incidents that are not acknowledged by respective team within 30 minutes of notification.

o Lead, coordinate and report on response and resolution of security incidents and advise the site engineers on incident analysis and ensure a successful closure of information security incidents.

o Review the firewall rules on an annual basis and provide a report to security leads.

SPAM and Virus Incidents and Resolution

o Management and supervision of:

Spam analysis of alerts received from end users and provide solutions

Virus analysis and recommend the course of action for quick remediation.

Ticket creation with Barracuda for viruses/ spams to be blocked in future.

o Support for procedures/ standards update.

VAPT Programs

o Supervision of:

External Penetration Testing via third parties

Internal Scans using internal tools

Web Content Filter Incidents and Resolution

o Supervision of:

Web content filter management and incident resolutions

Manual log monitoring and raise incident for affected users

SIEM/ Log Management

o Supervision of:

Monitoring of incidents, alerts triggered by SOC

Ticket creation on service desk tool

Operations Shift Management and New Projects

o Supervision of:

Onsite Shift Leads and their work

New Security Projects and engineering work.

Dashboards & Reports

o Prepare month report for IDS

o Prepare month report for Spam Filter

o Prepare weekly report for anti-virus

o Prepare monthly report for web content filter

o Prepare monthly report for SIEM

o Prepare monthly report for NAC, WAF and EDR

o Prepare monthly report for Security Management

Vulnerability Management and Application Security

• Design and implement vulnerability management and application security program for the group
• Manage Annual Vulnerability Assessment and Penetration Testing (VAPT) program of web
• applications, Mobile applications, thick clients and API's clients.
• Manage and drive the bugbounty program for the group, take initiative and drive changes in our bug bounty program which position us as the leading authority amongst other programs.
• Work with Application teams in SME role to explain the reported vulnerabilities and remediations and perform review of the application architecture for securing application by design.
• Manage vulnerability assessment and baseline scan for endpoints, servers, and network devices.
• Integration of Security scanners in the CI/CD pipeline
• Work with the application team to achieve secure product lifecycle
• Perform static application security testing (SAST), dynamic application security testing (DAST) for the applications Improve security releases, lead, and influence cross-functional positive changes.
• Drive the most difficult or highly complex application security reviews and threat modeling. Provide expert guidance and direction for other team members when they encounter challenges in their security reviews. Own documentation and procedures surrounding application security reviews as well as lead by example for what successful application security reviews look like.
• Have significant ownership in and evangelize security training with development teams.
• Drive initiatives which scale application security and holistically address multiple vulnerabilities.
• Manage the implementation of web seal on the Content portals

Benefits

• Opportunity to work in a progressive organization with structured training and roadmap for success
• Health benefits, lunches, gym reimbursement, and internet funding for our India staff!
• Experience in one of the hottest IT industries today

Proficio is an EOE employer.

Proficio collects certain personal information upon your submission of an application for an open position. More information is available about your consumer rights and our privacy policy at www.proficio.com/privacypolicy