Senior SOC Engineer

Over the last 20 years, Ares’ success has been driven by our people and our culture. Today, our team is guided by our core values – Collaborative, Responsible, Entrepreneurial, Self-Aware, Trustworthy – and our purpose to be a catalyst for shared prosperity and a better future. Through our recruitment, career development and employee-focused programming, we are committed to fostering a welcoming and inclusive work environment where high-performance talent of diverse backgrounds, experiences, and perspectives can build careers within this exciting and growing industry.

Job Description

Primary functions and essential responsibilities

• Detects, identifies, and responds to cyber events, threats, security risks, and vulnerabilities in line with cyber security policies and procedures
• When necessary, leads and coordinates incident response activities, engage stakeholders and relevant security teams outside of SOC to effectively investigate and neutralize a security incident
• Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).
• Experience working with SOAR to automate repetitive tasks and drive efficiencies allowing analysts to work on more advanced tasks.
• Communicates with stakeholders and leadership to provide timely and accurate updates on the progress of the Incident response effort
• Identifies, documents, and blocks TTPs, IOCs, and other artifacts during incident response
• Authors content using query languages and scripting for event enrichment and efficient investigation
• Develops procedures and documentation to support incident response and forensic investigation standard operating procedures
• Contributes to the maintenance and optimization of the organizations incident response plan
• Creates detailed timelines and incident post mortem documentation following investigations
• Create, vvaluate and update SOC runbooks, playbooks, and procedures as appropriate.
• Conducts threat hunting and analysis using various toolsets based on hypothesis and intelligence
• Partner with the security engineering and platform engineering teams to optimize operations
• Support a program for continuous security controls testing and validation
• Participate in Purple and Blue teaming activities
• Perform Security Incident Campaign analysis
• Mentors and leads junior team members by example and through effective communication via one on one meetings, coaching, informal instruction, or other methods as required
• Completes projects on time, according to instruction, and within requirements described by stakeholders
• Develop metrics and scorecards to measure risk to the organization, as well as effectiveness and efficiency of SOC associate.
• Perform other duties as planned and communicated by leadership
  
  

• Bachelor’s degree in Computer Science, Information Technology or equivalent discipline
• Professional Certifications like GSEC, GCIA, CISSP, OSCP, etc., will be a plus
  
  

• Excellent communication skills with the ability to influence other teams
• Good understanding of the offensive and defensive side of security
• Driving measurable improvement in monitoring and response capabilities at scale
• Strong team player - collaborates well with others to solve problems and actively incorporates input from various sources.
• Analytical and problem-solving mindset with demonstrated effective decision-making skills
• Works calmly under pressure and with tight deadlines
• Track record of successful personnel management
• Is proactive and highly trustworthy; leads by example
  
  

• 6+ years of experience in Cybersecurity, or with a reputed Services / consulting firm offering security operations consulting or equivalent experience
• Demonstrated proficiency in IR and forensic response using a variety of toolsets
• Experience in scripting languages such as PowerShell or Python
• Experience in SOAR (Security Orchestration Automation Response) platform preferred
• Experience with one or more Security Information and Event Management (SIEM) solutions
• Experience with one or more Endpoint Detection and Response (EDR) Solution
• Experience with one or more cloud environments
• Experience as a leader, mentor, and trainer of team members
  
  

• Candidate should be willing to work majorly in SGT (Singapore Business Hours) or occasionally in other shifts as required by SOC Management
• Candidate should be able to work from Ares Office located in Mumbai
• Experience with one or more Security Information and Event Management (SIEM) solutions
• Understanding of common Attack methods and their SIEM signatures
• Experience in security monitoring, Incident Response (IR) and security remediation
• Experience working with Endpoint Detection and Response (EDR), User and Entity Behavioral Analysis (UEBA) and Network behavior anomaly detection (NBAD)
• Strong knowledge and experience in Security Event Analysis capability
• Understanding of network protocols (TCP/IP stack, SSL/TLS, IPSEC, SMTP/IMAP, FTP, HTTP etc.)
• Understanding of Operating System, Web Server, database, and Security devices (firewall/NIDS/NIPS) logs and log formats
• Understanding of different cloud environments
• Strong analytical and problem-solving skills
• High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity
• Ability to interact effectively at all levels with sensitivity to cultural diversity
• Ability to adapt as the external environment and organization evolves
• Passionate about Cybersecurity domain and has the inclination to learn current technologies / concepts / improvements
• Knowledge of cyber security frameworks and attack methodologies
• Knowledge of intrusion detection methodologies and techniques for detecting host- and network-based intrusions via intrusion detection technologies
• Excellent verbal and written English communication skills