Job Description:
Scope of Work/Objective:
- The Security Operation Center (SOC) team is a team of cybersecurity professionals committed to monitoring and analyzing activity on networks, servers, endpoints, databases, applications, websites and other systems.
- The SOC team will work with the incident response team to ensure security issues are addressed quickly.
- The SOC is responsible for ensuring that potential security incidents are correctly identified, analyzed, defended against, investigated and reported.
Job functions and responsibilities:
- Work to implement the O365 and Azure AD Secure Score recommendations that make sense for us
- Review and approve new Enterprise Applications requests in Azure AD
- Generate and summarize security metrics from data sources including: O365 and Azure SecureScore, Rapid7 reports, Wombat, etc.
- Follow up with regional technology teams for Rapid7 SOC notifications
- Work to implement CIS Office 365 hardening recommendations
- Clean-up spam domain whitelists
- Review all admin roles and work to enforce principle of least privilege
- Review CIS recommendations for Intune Mobile Device Management (MDM) and implement those policies
- O365 Conditional access
- Manage Rapid7 vulnerability scans
- Ensure the Azure AD 'Risky sign-ins' report is reviewed
- Ensure the Application Usage report is reviewed
- Ensure the self-service password reset activity report is reviewed
- Ensure user role group changes are reviewed
- Ensure mail forwarding rules are reviewed
- Ensure the Mailbox Access by Non-Owners Report is reviewed
- Ensure the Malware Detections report is reviewed
- Ensure the Account Provisioning Activity report is reviewed
Qualification and Education:
- Bachelor's degree such as B.Tech, BCA or B.Sc.
- Certification: CEH
- 5+ years of experience in a SOC
- Knowledge of tools and technologies such as InsightIDR, InsightVM, Office 365, Microsoft domains, Azure AD, packet capture and endpoint security