Razorpay is looking for an experienced Cyber Security monitoring lead to join our growing Information Security team. The Security Monitoring Lead is responsible for designing and supporting all elements of the security monitoring program running within security operations.
You will work closely with the DevOps team to ensure that monitoring logs from network devices, hosts, files, databases and privileged user access are consolidated, reviewed and centrally stored, so that events, including anomalous events, that require further investigation are identified or alerted on and can potentially trigger the incident response process covered in the incident response plan.
Role & Responsibilities:
Lead and manage Security Operations Center
Primarily responsible for security event monitoring, management and response
Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
Monitor indicators of compromise related to advanced, targeted attackers
Provide recommendations based on best practices and experience to develop processes that will enhance efficiencies needed to perform security related responsibilities
Identify threats and manage the threat profile of Razorpay
Ensure compliance with SLAs, process adherence and process improvisation to achieve operational objectives
Revise and develop processes to strengthen the current Security Operations Framework; review policies and highlight the challenges in managing SLAs
Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring
Responsible for integration of standard and non-standard logs in SIEM
Creation of reports, dashboards and metrics for SOC operations and presentation to senior management
Coordinate with stakeholders; build and maintain positive working relationships with them
Engineering degree in computer science or a related field. A Master's degree is a plus
10+ years of experience in information security
Knowledge of AWS Security tooling is a MUST.
Experience setting up a SOC is a plus
Proficient in Incident Management and Response
Experience in security management and SIEM
In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
Experience in threat management
Knowledge of applications, databases and middleware, to address security threats against them
Proficient in preparation of reports, dashboards and documentation
Excellent written and verbal communication skills
Ability to make concrete progress in the face of ambiguity and imperfect knowledge
Ability to handle high pressure situations with key stakeholders
Good analytical, problem-solving and interpersonal skills