Security Operations Center / SOC (AM)

Company Description

Metro Global Solution Center (MGSC) is internal solution partner for METRO, a €30.5 Billion international wholesaler with operations in 31 countries through 625 stores & a team of 93,000 people globally. Metro operates in a further 10 countries with its Food Service Distribution (FSD) business and it is thus active in a total of 34 countries.

MGSC, location wise is present in Pune (India), Düsseldorf (Germany) and Szczecin (Poland). We provide Finance, HR, IT & Business operations support to 31 countries, speak 24+ languages and process over 18,000 transactions a day. We are setting tomorrow’s standards for customer focus, digital solutions, and sustainable business models. For over 12 years, we have been providing services and solutions from our two locations in Pune and Szczecin. This has allowed us to gain extensive experience in how we can best serve our internal customers with high quality and passion. We believe that we can add value, drive efficiency, and satisfy our customers.

Website: https://www.metro-gsc.in

Company Size: 600-650

Headquarters: Pune, Maharashtra, India

Type: Privately Held

Inception:  2011

Job Description

●Monitor security events and alerts generated by various security tools and systems (Google Chronicle, Crowdstrike, Vectra, etc.), investigate and analyze potential security incidents, and escalate as necessary.

●Conduct in-depth analysis of security logs, network traffic, and other relevant data sources to identify and mitigate potential security threats.

●Collaborate with other members of the SOC team to develop and implement incident response runbooks, ensuring timely and effective response to security incidents.

●Stay up-to-date with the latest security threats, vulnerabilities, and industry best practices to proactively identify and address potential risks.

●Participate proactively in creating and providing updates to the standard operating procedures, playbooks, and other similar documentation for continuous improvement of security operations and efficiencies

●Generate reports and documentation related to security incidents, investigations, and remediation activities for management and stakeholders.

●Participate in security incident response exercises and drills to test and improve the organization's incident response capabilities.

Technical & Soft Skills:

●In-depth knowledge and hands-on experience with SOC technologies and tools such as Google Chronicle SIEM, CrowdStrike EDR/EPP, Vectra NDR, Recorded Future TI, etc.

●Proficiency in analyzing security logs, network traffic, and other security-related data sources.

●In-depth Knowledge of industry standards and frameworks such as MITRE ATT&CK Framework, Magma Framework, NIST, etc.

●Demonstrated ability to perform static and dynamic malware analysis.

●Strong knowledge and skills in scripting, and experience in analyzing large data sets from disparate log sources

●Excellent communication and interpersonal skills to effectively collaborate with clients, stakeholders, and internal teams.

●Analytical and problem-solving skills to identify and address security issues and incidents.

●Ability to adapt to changing security threats and evolving business requirements.

●Strong organizational and time management skills with the ability to coordinate and prioritize multiple tasks simultaneously.

●Ability to work under pressure, especially during critical security incidents.

Qualifications

●Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. A Master's degree or relevant certifications (e.g., CSA, CHFI, SANS/GIAC) may be preferred.

• Experience 7+ years.