Razorpay is looking for an experienced Cyber Security monitoring lead to join our growing Information Security team. The Security Monitoring Lead is responsible for designing and supporting all elements of the security monitoring program running within security operations.
You will work closely with the DevOps team to ensure consolidating, reviewing and centrally storing the monitoring logs from network devices, hosts, files, databases and privileged user access to identify or be alerted of events, including anomalous events, that require further investigation and potential trigger of the incident response process covered in the incident response plan.
Role & Responsibilities
- Lead and manage Security Operations Center
- Primarily responsible for security event monitoring, management and response
- Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
- Monitor indicators of compromise related to advanced, targeted attackers
- Provide recommendations based on best practices and experience to develop processes that will enhance efficiencies needed to perform security related responsibilities
- Identify threats and manage the threat profile of Razorpay
- Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives
- Revise and develop processes to strengthen the current Security Operations Framework, Review policies and highlight the challenges in managing SLAs
- Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring
- Responsible for integration of standard and non-standard logs in SIEM
- Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt.
- Coordination with stakeholders, build and maintain positive working relationships with them
Experience Requirement
- Engineering degree in computer science or related field. Masters degree is a plus
- 10+ years Experience in information security
- Knowledge of AWS Security tooling is a MUST.
- Experience setting up SOC a plus
- Proficient in Incident Management and Response
- Experience in security management and SIEM
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
- Experience in threat management
- Knowledge of applications, databases, middleware to address security threats against the same.
- Proficient in preparation of reports, dashboards and documentation
- Excellent written and verbal communication skills
- Ability to make concrete progress in the face of ambiguity and imperfect knowledge
- Ability to handle high pressure situations with key stakeholders
- Good Analytical skills, Problem solving and Interpersonal skills
.svg)
