Service Assurance Process Manager

Purpose In this role you will be working as part of a SOC team providing delivery support for customers. You will work as part of a team focused on security operations principles and optimization with an emphasis on security incident and event monitoring (SIEM).. You will be working as part of a team with a shared responsibility to further developing programs for customers centered around SIEM and SOC. You will lead presentations with technical fluency and be able to answer customer questions in multiple areas of SOC/SIEM. You will also be writing technical documentation and occasionally give technical presentations as a SOC/SIEM subject matter expert.
Key Responsibilities
Strategic • Ensure knowledge creation and documentation.
• Suggest changes/improvement in existing operations to enhance technical capability within the team.
Customer • Incident management and change management
• Ensuring maximum customer satisfaction for direct customers
• Ensure compliance to SLA’s (Incidence response, security alerts, reports availability, uptime)
• Minimizing customer complaints for direct customers.
• Ensure quick resolution of all customer complaints (SOP) and help peers to achieve the same.
• Ensuring time bound and effective communication with the customer.
Process • Ensuring compliance to delivery schedules (reports, scheduled activity etc)
• Ensure self-compliance to service quality and process adherence.
• Ensuring compliance to SOP / guideline during configuration / troubleshooting, to minimize repeat error / downtime.
People • Should continuously enhance skill set / expertise, by acquiring knowledge / certification on new technology and products.
• Should share knowledge and experience with the peers and within the group
• To be flexible to take up any related responsibility and roles, as per the organization requirement.
Technology • Security Incident and Event Monitoring technology support for vendors tools such as Splunk Cloud Enterprise, and/or XSOAR
• Security Operations Center experience in the following areas:
• Playbook design and editing
• Workflow process creation
• Alert and incident response
• SIEM deployment, administration, and architecture design
• SOAR experience in deployment and architecture design preferred
• Experience with Insider Threat program design and implementation preferred•

Capability Requirements

Functional Skills Primary Skills:

· Participate in different meetings with application teams and other-platforms.
· Collection of security/application data related to logs onboarding.
· Work with different platforms to complete the needed onboarding and compliance activities (CIM Data modeling).
· Validation of Splunk indexing, CIM compliance and data modeling
· Documentation and handover to customer and SOC team.

Secondary Skills:
• Microsoft Azure Security Center / Defender with Microsoft Sentinel and Log Analytics
• Regular expressions, field extraction rules, JSON and/or XML (XPath queries)
• Experience leading meetings and presentations for management and executive level personnel.
• Insider threat program design and/or facilitation