JOB DESCRIPTION
Name of the Department | Risk Management
Role | Team Member – SIEM Monitoring and Alert Management
Location | HO, Kolkata
Reporting To | Tower Lead – SIEM Operations
Role Overview:
Bandhan Bank is seeking to recruit a highly motivated professional as Team Member – SIEM Monitoring and Alert Management as part of the Bank’s Cyber Security Operations Center. The role focuses on review of CSOC and SIEM alerts, alert analysis, and review and closure of tickets with concerned stakeholders. The ideal candidate must have good knowledge of the basics of information security and networking, hands-on experience in managing SIEM or other security monitoring tools, and familiarity with ServiceDesk and/or other similar ticket management tools. The candidate shall be required to support and report to Tower Lead – SIEM Operations.
Duties and Responsibilities:
· Support and submit analyses, reports, action taken, action due on CSOC / SIEM activities to Tower Lead on a daily basis.
· Analysis of alerts and status of tickets on a daily basis.
· Conduct review of ticket closure comments and reach out to concerned stakeholders for appropriate ticket closure comments and remediation within SLA. Prepare and maintain action plan and implementation tracking status, act on the same and submit daily reports on progress to Tower Lead.
· Ensure timely closure of all tickets with respective SLAs and escalate at concerned stakeholder levels under direction of CSOC Lead and Tower Lead.
· Daily review of offenses and track SLA breaches, and submission of the same to CSOC Lead and Tower Lead.
· Review and maintain CSOC SOP under directions of Tower Lead.
· Review instances of false positive alerts and maintain tracker for appropriate remediation.
· Review and analysis of third-party partner / vendor CSOC / SIEM activities (operational / compliance / regulatory) on daily / weekly / monthly / quarterly basis, and carry out activities for remediation and improvement.
· Review and preparation of reports on third-party partner / vendor CSOC / SIEM attendance (SIEM) on a daily / weekly / monthly / quarterly basis and reconciliation with the organization’s internal systems; and carry out activities for remediation and improvement.
· Review of third-party vendor hourly / daily / weekly / monthly / quarterly / annual reports, correspondence, etc., and carry out activities for remediation and improvement related to ticket closures, false positives and related use cases.
· Preparation and submission of mandatory CSOC / SIEM reports based on periodicity and mandates from management, regulator, etc.
· Prepare third-party partner / vendor due diligence reports, conduct third-party partner risk assessments as per mandatory organizational / regulatory policies and practice.
· Capture the minutes of meetings and discussions between third-party support partners, vendors, OEMs, internal stakeholders, etc. and the CSOC team. Submit reports, implement the follow-up action plan and work on closure of all outstanding points.
· Preparation of various monthly, quarterly, ad hoc audit reports as per mandatory organizational / regulatory policies / practice / requirements.
· Maintain a consolidated tracker; collect and review all current and associated artefacts / evidence on CSOC / SIEM activities encompassing audit, compliance, regulatory and organizational mandates; support CSOC Team Lead and Tower Lead in strictly meeting timelines; and work on associated and/or outstanding points.
Experience / Skillset / Certifications Required:
· MCSE / CEH / CCNA / CompTIA / RHCE (RHEL 6.0) / ISACA (CSX, CSP, CISA, CISM)
· Overall min. experience: 2 Years