Manager - Security Operations Centre
Job Summary
Job Description
Zeta is seeking a Manager of Security Operations Centre to establish and manage the SOC environment. This techno-managerial role involves creating project roadmaps, implementing processes, developing incident response plans, analyzing alerts, building dashboards, and gathering threat intelligence. The manager will guide developers and DevOps teams on new threats and infrastructure hardening, ensuring Zeta's applications and infrastructure are secure. Key responsibilities include leading detection and response initiatives, understanding adversarial tactics, assessing security gaps, acting as a technical champion for intrusion detection, investigating critical issues, and reporting on incidents and preventative measures. The role also involves overseeing security operations during high-risk events, managing hiring, and ensuring continuous improvement of SOC platforms and personnel.
Must have:
- Guide detection and response initiatives
- Understand adversarial tradecraft
- Assess security gaps and tools
- Act as an intrusion detection expert
- Support incident detection and response
- Perform detailed root cause investigations
- Report on incidents and recurrence
- Oversee security operations during events
- Experience in SOC/TI with cloud services
- Hands-on intrusion detection experience
- Experience in threat hunting
- Continuous improvement of SOC platform
- Guide SOC Team and maintain schedules
- Catch, investigate, and remediate incidents
- Ensure SLAs and project progress
- Develop incident response plans and SOPs
- Automation, Reporting and Compliance
- Deep understanding of Cloud Environments
- Understand Kubernetes, dockers, containers
- Experience with SIEM platforms
- Familiarity with MITRE ATT&CK framework
- Experience in ELK/EFK/AWS-OpenSearch stack
- Threat intelligence experience
- Experience with databases and Linux/Unix
- Expertise in log monitoring tools
- Knowledge of malware analysis
- Understanding of CI/CD and Jenkins
- Understanding of production operations on public cloud
Good to have:
- Familiarity with Java Log4j framework
- Familiarity with syslogs, nginx/apache logs
- AWS/Azure (VPC/Vnet, S3 buckets, etc.)
- Certifications like OSCP, OSEE, CISSP, SANS CTI
23 skills required
Job Details
About Zeta
Zeta is a Next-Gen Banking Tech company that empowers banks and fintechs to launch banking products for the future. It was founded by Bhavin Turakhia and Ramki Gaddipati in 2015. Our flagship processing platform - Zeta Tachyon - is the industry’s first modern, cloud-native, and fully API-enabled stack that brings together issuance, processing, lending, core banking, fraud & risk, and many more capabilities as a single-vendor stack. 15M+ cards have been issued on our platform globally. Zeta is actively working with the largest Banks and Fintechs in multiple global markets transforming customer experience for multi-million card portfolios. Zeta has over 1700+employees - with over 70%roles in R&D - across locations in the US,EMEA, and Asia. We raised$280 million at a$1.5 billion valuation from Softbank, Mastercard, and other investors in 2021.Learn more @www.zeta.tech,careers.zeta.tech,Linkedin,Twitter
The Role
This role is part of the Information Security Team, Engineering division of Zeta. The Security Operations Manager is responsible for creating the Security Operations Center (SOC) environment, coming up with project roadmap, setting processes in place, creating incident response plans, analyzing alerts, creating dashboards, collecting threat intelligence etc. Guide Developers and DevOps teams about new threats and help harden infrastructure and applications from various attacks as needed. The objective is to make zeta applications and infrastructure secure.
As Security Operations Center Manager of the Information Security sub-division, you will be responsible for identifying attacks against Zeta’s infrastructure and applications. You will be working in a techno-managerial role, leading a team and reporting to the manager.
- Guide the organization's detection and response initiatives
- Understand adversarial tradecraft along with tactics, techniques and procedures (TTPs)
- Assess gaps, tools to improve security operations and incident response
- Act as a intrusion detection and response expert and technical champion within Zeta
- Provide support in detection, response, mitigation of cyber security incidents
- Perform detailed investigation in order to identify root cause for critical issues
- Prepare and present reports of incidents and ways to limit recurrence
- Oversee the planning and coordination of security operations during high-risk events.
- Experience working in SOC/TI mainly involving cloud services, GCP and AWS (preferably) and web applications
- Hiring decisions, hiring process definition, and continuous improvements.
- Broad knowledge of security domain with an understanding of logs and event processing, incident management, detection, response and tool development
- Utilizing a security information and event management (SIEM) platform for visibility and detection of live intrusions and to triage alarms in real-time.
- Perform review and validation of all deliverables for SOC, IR, Threat Intelligence, Threat Hunting and other SOC activities.
- Ensure timely and accurate reporting to Zeta board, CERT-In, Auditors etc.
- Hands on experience in intrusion detection, security investigations and incident response
- Experience in threat hunting using threat intelligence to investigate potential risks and finding suspicious behaviour
- Continuous improvement of SOC platform (SIEM Admin) through enhancements, tool addition, project planning etc.
- Guide SOC Team, maintain SOC personnel shift schedules
- Catch, investigate, and remediate security incidents.
- Ensure Service Level Agreements (SLAs), of projects progress, risks, issues, and proposed resolutions.
- Development of incident response plans and SOPs
- Automation, Reporting and Compliance
- Deep understanding of Cloud Environments like AWS, Azure etc.
- Deep understanding of Managed and vanilla Kubernetes clusters and working of dockers, containers and helm charts
- Hands on experience in intrusion detection, security investigations and incident response
- Experience in threat hunting using threat intelligence to investigate potential risks and finding suspicious behavior
- Design, create, deliver, and support the deployment of Python/Ansible/Terraform automation as required for ELK/EFK/AWS-OpenSearch and other technology stack
- Perform review and validation of all deliverables for SOC, IR, Threat Intelligence, Threat Hunting and other customer assigned activities.
- Develop policies, instruction, standards, and procedures around security operation functions.
- Provide Metrics and Artifacts supporting audit activities.
- Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring.
- Understanding of network protocol, TCP/IP stack, and working knowledge of tools like Wireshark, tcpdump etc.
- Strong data analysis skills; ability to independently write scripts/code to parse and analyze complex data.
- Practical experience with deployment and/or operation of commonly used information security solutions Like Cloudflare, Splunk, CloudTrail, etc.
- Understanding and familiarity with existing TTP frameworks like MITRE ATT&CK, Cyber Kill Chain etc.
- Must have worked in ELK/EFK/AWS-OpenSearch implementation project, and Logstash data parsing rules.
- Experience in ELK/EFK/AWS-OpenSearch stack or other logging / stats / visualization tools like Grafana, Prometheus etc.
- Threat intelligence like OSINT, MISP etc.
- Experience in databases, Linux/Unix environment, software development, and/or experience with distributed systems.
- Familiarity with Java Log4j framework, syslogs, nginx/apache logs is a plus.
- Expertise in Log monitoring tools like Splunk, ELK/EFK/AWS-OpenSearch, SumLogic, Loggly, Arcsight etc.
- Knowledge of malware analysis.
- Understanding of CI/CD, Jenkins
- In-depth understanding of production operations on public cloud infrastructure
- AWS/Azure (VPC/Vnet, S3 buckets, blob stores, LoadBalancers etc.), Dockers & Containers, Kubernetes
- Certifications like OSCP, OSEE, CISSP, SANS CTI etc
- 9 to 13 years of overall experience as Security Operations engineer in medium to large-size product companies.
- Bachelor of Technology (BE/B.Tech), M.Tech/ME in Computer Science or equivalent
Life At Zeta
At Zeta, we want you to grow to be the best version of yourself by unlocking the great potential that lies within you. This is why our core philosophy is ‘People Must Grow.’ We recognize your aspirations; act as enablers by bringing you the right opportunities, and let you grow as you chase disruptive goals.
#LifeAtZeta is adventurous and exhilarating at the same time. You get to work with some of the best minds in the industry and experience a culture that values the diversity of thoughts. If you want to push boundaries, learn continuously and grow to be the best version of yourself, Zeta is the place to be! Explore the life at zeta
Zeta is an equal opportunity employer.
At Zeta, we are committed to equal employment opportunities regardless of job history, disability, gender identity, religion, race, marital/parental status, or another special status. We are proud to be an equitable workplace that welcomes individuals from all walks of life if they fit the roles and responsibilities.
Similar Jobs
PwC
Neuilly-sur-Seine, Île-de-France, France (On-Site)
• 8 Months ago
Get notifed when new similar jobs are uploaded
Similar Skill Jobs
rivos
Santa Clara, California, United States (On-Site)
• 8 Months ago
PayPal
San Jose, California, United States (Hybrid)
• 1 Week ago
Fandom
Poznań, Greater Poland Voivodeship, Poland (Remote)
• 4 Months ago
bytedance
San Jose, California, United States (On-Site)
• 7 Months ago
Get notifed when new similar jobs are uploaded
Jobs in Hyderabad, Telangana, India
Krafton India
Bengaluru, Karnataka, India (On-Site)
• 2 Weeks ago
Insight Software
Hyderabad, Telangana, India (On-Site)
• 2 Weeks ago
Hyderabad, Telangana, India (On-Site)
• 1 Month ago
Get notifed when new similar jobs are uploaded
Operations Jobs
bytedance
Taguig, Metro Manila, Philippines (On-Site)
• 2 Months ago
Hawkeye Innovations
Dortmund, North Rhine-Westphalia, Germany (On-Site)
• 1 Month ago
Get notifed when new similar jobs are uploaded
