Security Operations Manager - 300522

About SirionLabs:

SirionLabs, a global SaaS company, is looking for people who are driven to make a difference.

Bringing together leading innovation, unrivaled Contract Lifecycle Management expertise, and a deep commitment to customer success, SirionLabs helps the world’s leading businesses contract smarter. SirionLabs’ AI-powered Smarter Contracting Platform brings legal, procurement, and business teams together to author stronger agreements, manage risk and strengthen counterparty relationships.

Today, analyst firms such as Forrester, Spend Matters, IDC and G2 agree that SirionLabs is a leader in CLM and world-leading businesses including Vodafone, Unilever, DHL, and BNY Mellon trust SirionLabs to create, control, and manage over 5m contracts worth more than $450b, in 80+ countries around the world. SirionLabs is backed by leading VC firms and has gone through a Series C round. SirionLabs is a 650+ people company with 9 offices globally.

Job Role: Security Operations Specialist

Years of Experience required: 10-15 Years

Work Location: Gurgaon

Responsibilities:

Accountable for overall designing, reviewing, implementing, and maintaining the IT systems Security Architecture

• Accountable for overall Security Operations, Security Operations Center (SOC) strategy & Security Incident/ Breach Response Program for all Corporate IT systems and Cloud hosted SaaS solution platform (AWS, Azure, etc.)
• Accountable for planning, designing, implementing, and managing the Security Operations Center (SOC) and defining the risk mitigation strategy. Present and review a SOC implementation and operations plan with management. Implement threat management, threat modelling, security correlation rules, XDR and SOAR.
• Accountable to recruit and manage a team of skilled security professionals and to deliver strong KPI-based results
• Accountable for monitoring and overall effectiveness of security controls in Corporate IT systems (endpoints, infra, network, data center, applications, etc.) and SirionLabs’ Cloud hosted SaaS solution (AWS, Azure, etc.)
• Accountable for Patch Management, Vulnerability Assessment & Penetration Testing Program, performing internal and facing external Security Audits (VAPT, system hardening, configurations, baselines, etc.) at SirionLabs
• Deliver presentations, reports, dashboards, KPI & KRI to CISO and SirionLabs management
• Implement, Maintain, and Monitor Information Security policies and procedures, including but not limited to security logging and monitoring, security incident management (tracking, investigation, remediation and response), data leakage prevention, IT system security hardening baseline, access control, change management, backup management, patch management, vulnerability management, IT infrastructure & Network penetration testing, asset management, business continuity & disaster recovery etc
• Research/evaluate, implement, and support new security technologies and platforms
• Negotiate with vendors, outsourcers, and contractors to obtain network products and services
• Perform cost-benefit and return on investment analyses for proposed systems to aid management in making implementation decisions
• Manage and ensure effectiveness of security solutions, including SIEM, firewalls, anti-virus solutions, intrusion detection systems, anti-phishing, and Data Leakage Prevention systems
• Perform Blue & Red-Team exercise and incorporate learnings SOC program and risk mitigation strategy
• Mature BCP/DR and Incident Response capabilities. Lead testing of BCP/DR and Incident Response plans and deliver reports to management. Modify plans to incorporate learnings. Coordinate and support respective stakeholders including the business teams, IT, etc. during the BCP/DR activities, Incident Response testing
• Maintain advanced knowledge of current technology trends, evaluate modern technologies and undertake training to strengthen IT skills, as required
• Analyze methods of controlling information security problems, determine the strengths and weaknesses of each method and implement the best cost-effective solution

Educational qualifications and certifications:

Certifications: OSCP, GSOM, GSOC, CISSP, CCSP, CSA (at least two)

B.E. / B. Tech (IT/ CS) / MSc (CS/ (CS/IT)

Organizational skills:

• Self-driven and initiator
• Excellent People & Stakeholder Management

• Excellent program & project management, and organizational skills to achieve results as planned
• Vendor Management
• Finance Management
• Clarity and conciseness in oral and written communications; demonstrated capability to produce effective presentations for delivery to both technical and non-technical audiences.
• Strong interpersonal skills to achieve process changes and departmental goals within a matrix organization; ability to communicate and work well with others at all levels of the corporation.
• Ability to multi-task effectively and work under pressure
• Ability to perform general mathematical calculations (advance excel) for the purpose of creating needs assessments, budgets, and forecasting.
• Ability to conduct research on latest security solutions and products as required.