Security Operations Center Manager (Gujarat)
Gujarat, India
Posted: less than a week ago
Description
Position Summary
The SOC Detection & Platform Engineer is responsible for developing high-quality security detections and ensuring the stability, scalability, and efficiency of the organization's SIEM/SOAR platforms. This role combines advanced detection engineering with hands-on platform operations to support a mature and proactive Security Operations Center (SOC).
Key Responsibilities: Detection Engineering
- Develop, enhance, and maintain security detection use cases aligned with the MITRE ATT&CK framework.
- Design and implement correlation rules, behavioral analytics, and alert logic across various log sources.
- Perform false positive reduction, threshold optimization, and tuning of detection logic.
- Validate detection coverage through attack simulation and adversary emulation activities.
- Maintain documentation including rule logic, mapping, and use-case repositories.
- Collaborate with Threat Intelligence and SOC teams to enhance detection effectiveness.
Key Responsibilities: SOC Platform Engineering
- Manage and optimize SIEM/SOAR platforms for availability and performance.
- Handle log onboarding, parsing, normalization, enrichment, and schema alignment.
- Maintain stable data pipelines including ingestion, indexing, and retention.
- Integrate new log sources across endpoint, network, cloud, and application environments.
- Develop and maintain SOAR playbooks and automation workflows.
- Conduct platform health checks and configuration audits.
Collaboration & Continuous Improvement
- Work with cross-functional teams to improve SOC visibility and detection maturity.
- Support platform upgrades and capability enhancements.
- Participate in threat-hunting and purple-team exercises.
- Ensure compliance with documentation and change management processes.
Required Skills & Experience
- 7+ years of SOC, detection engineering, or SIEM/SOAR experience.
- Hands-on expertise with SIEM tools such as Sentinel, Splunk, Elastic, or QRadar.
- Proficiency with query languages (KQL, SPL, SQL, etc.).
- Solid understanding of cybersecurity principles and threat actor behaviors.
- Experience with automation scripting (Python, PowerShell, Bash).
- Familiarity with log pipelines and normalization concepts.
Preferred Qualifications
- Certifications: SC-200, Splunk Admin, Elastic Analyst, CySA+, etc.
- Experience with Detection-as-Code (Sigma).
- Exposure to cloud security (Azure, AWS, GCP).
- Experience with attack simulation tools (Atomic Red Team, Caldera).
- Understanding of SIEM data engineering processes.
Key Competencies
- Strong analytical and problem-solving skills.
- Excellent written and verbal communication.
- Ability to work in fast-paced environments.
- High attention to detail and focus on operational excellence.
Apply on Kit Job: kitjob.in/job/4mccog
Highlights
Company name: Tribastion Technologies
Job position: Security Operations Center Manager (Gujarat)
More info about this ad
Security Operations Center Manager (Gujarat) has been posted in the Surendranagar Government & Public Service category on Locanto.