Job Summary
SOC Manager
Responsibilities
24/7/365 analysis and response for Security Events.
Provide security event monitoring analysis triage incident alerting and reporting using Security console / Monitoring tool.
Fine-tune of false-positive alerts & update false positive knowledge database.
Creating monitoring trends baselines.
Monitor Security Events from IDS/IPS firewall windows Linux etc.
Working on Phishing/spam emails.
Develop and maintain response playbooks with input from MSK Information Security office.
Conduct initial triage and pre-approved/determined remediation or escalation (as appropriate) for various incident. types including denial of service hacking malware phishing unauthorized access etc.
Identify gaps in existing monitoring/alerting and work with MSK Information Security office to address the same.
Develop additional alerts/correlations as needed to better respond to emerging threats.
Implement automation as needed to help streamline response.
Track and report on metrics for incident response activities.
Manage investigate and respond to alerts from SIEM environment.
Assist in integrating new log sources in the SIEM tool.
Assist in setting up additional SIEM alert rules and finetuning.
Inform on monitoring and reporting leading practices and develop use cases on how to use SIEM technologies.
Identify security events and work with IT security and business groups per the incident management and escalation processes in ITSM tool.
Perform System Health & Performance of SIEM solution.
Monitoring of ServiceNow ticket queues and associated/MSK mailboxes.
Weekly reports for adherence to established SLAs.
Configuration changes or minor upgrades through documented SOPs and mutually agreed under L1 scope of work.
Representation in daily Ready for Business (RFB) Change Approval Board (CAB) and Major Incident meetings.
Certifications Required
Cyber security
The Cognizant community:
We are a high caliber team who appreciate and support one another. Our people uphold an energetic, collaborative and inclusive workplace where everyone can thrive.
- Cognizant is a global community with more than 300,000 associates around the world.
- We don’t just dream of a better way – we make it happen.
- We take care of our people, clients, company, communities and climate by doing what’s right.
- We foster an innovative environment where you can build the career path that’s right for you.
About us:
Cognizant is one of the world's leading professional services companies, transforming clients' business, operating, and technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build, and run more innovative and efficient businesses. Headquartered in the U.S., Cognizant (a member of the NASDAQ-100 and one of Forbes World’s Best Employers 2024) is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at www.cognizant.com
Our commitment to diversity and inclusion:
Cognizant is an equal opportunity employer that embraces diversity, champions equity and values inclusion. We are dedicated to nurturing a community where everyone feels heard, accepted and welcome. Your application and candidacy will not be considered based on race, color, sex, religion, creed, sexual orientation, gender identity, national origin, disability, genetic information, pregnancy, veteran status or any other protected characteristic as outlined by federal, state or local laws.
Disclaimer:
Compensation information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.
Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview.