Cyber Security Threat Detection and Response Operations Manager
Ernst & Young LLP ( EY India )
All India • 2 weeks ago
Experience: 10 to 14 Yrs
Job Description
As a Threat Detection & Response Operations Manager at EY, you will play a crucial role in leading Operations/Delivery for TDR engagements, ensuring end-to-end security incident investigation support to meet client SLAs and KPIs by leveraging multiple SIEM/EDR/SOAR solutions.
**Key Responsibilities:**
- Oversee the process of detecting, reporting, and responding to security incidents effectively within the SOC team
- Manage security tools and technologies used by the SOC team ensuring proper configuration and maintenance for effective monitoring and detection of security threats
- Lead and manage the Security Operation Centre responsible for security event monitoring of client networks
- Define, track, and meet Service Level Agreements for all clients
- Provide technical leadership and guidance to junior team members on SOC activities
- Revise standard operation policies & procedures and ensure compliance within the team
- Identify opportunities for enhancing security monitoring and operational tasks
- Communicate complex technical security concepts to both technical and non-technical audiences, including executives
- Develop and maintain relationships with client personnel
- Oversee daily SOC tasks that can be automated
- Provide a strategic view and benefits to clients, working with limited resources to achieve objectives
**Skills and Attributes for Success:**
- Hands-on expertise in SIEM technologies such as Microsoft Sentinel and Splunk, from a security analyst's perspective
- Expert knowledge and experience in Security Monitoring and Cyber Incident Response
- Value-add knowledge in cloud security, IoT/OT, SIEM monitoring platforms, and SOAR platforms
- Familiarity with endpoint protection tools like Carbon Black, Defender, CrowdStrike
- Ability to work independently with minimal supervision
- Customer service-oriented with a commitment to meeting customer expectations
**Qualifications:**
- B. Tech./B.E. with sound technical skills
- Strong verbal and written English language skills
- Technical acumen, critical thinking abilities, and interpersonal skills
- Minimum 10 years of hands-on experience in operating/implementing/designing SIEM solutions and Project Management
- Certification in any SIEM platform and additional certifications like CISM, CEH, CISSP, GCIH, GIAC, SABSA, TOGAF
- Knowledge of RegEx, Perl scripting, and SQL query language is a value add
**Special Factors:**
- Willingness to work from ODC in rotational shifts
- Availability/flexibility to work weekends and support late evening/night shifts
In this role, EY is looking for individuals who have proven experience in leading operations for SOC projects with hands-on experience in SIEM configuration and setup. Join EY in building a better working world where diverse teams across 150 countries provide value to clients, people, and society through trust and innovation.
Posted on: April 7, 2026