- Role: Security Operations Expert
- Location: India
- Company: Nokia
- Salary: Not Disclosed
- Qualifications: Bachelor’s degree
- Employment Type: Full Time, Permanent
Role Overview:
The Security Operations Expert is often liable for supplying Level 3 (L3) help and providing professional steerage to Level 1 (L1) and Level 2 (L2) analysts within the Security Operations Center (SOC). This role goes beyond reality tracking and responding to incidents; it includes fundamental complex investigations, undertaking digital forensics, and spearheading large-scale risk-looking campaigns. The expert moreover plays a pivotal function in terrific-tuning Security Incident and Event Management (SIEM) systems, dealing with Splunk/ELK systems, and performing advert-hoc searches on SIEM dashboards to understand and mitigate threats swiftly.
Key Responsibilities:
1. Incident Response & Investigation:
The expert leads the price in investigating safety incidents, from preliminary detection to decision. This includes dealing with and guiding L1/L2 analysts, sporting out specific forensic assessments, and making sure that every incident is thoroughly investigated and documented.
2. Threat Hunting & Digital Forensics:
Engaging in proactive threats looking to pick out out capability vulnerabilities before they are exploited is a considerable problem of this role. The expert additionally conducts digital forensics to analyze malware, tune hazard actors, and understand assault vectors, ensuring that the agency’s defenses are robust and powerful.
3. Security Infrastructure Management:
The role involves coping with SIEM equipment like Splunk and ELK, similar to endpoint detection and reaction structures. The professional is predicted to high-quality those systems, increase new use instances, and update correlation policies to decorate the enterprise organization’s security posture.
4. Process Development & Compliance:
The professional is responsible for laying out techniques and approaches that ensure green and powerful protection operations. This consists of growing incident reaction plans, making sure of compliance with corporation requirements (consisting of CIS Benchmarking, NIST CSF, and Mitre Attack Framework), and engaging in audits to keep excessive protection requirements.
5. Client and Stakeholder Management:
Handling consumer escalations, providing smooth and effective verbal exchanges to stakeholders, and ensuring that SLAs and contractual duties are met are essential additives of this role. The professional should be capable of carrying out complicated technical statistics in a manner that is available to non-technical stakeholders.
6. Continuous Learning & Development:
Given the hastily converting nature of cyber threats, continuous mastering is critical. The expert is expected to live abreast of the extreme day tendencies in assault patterns, gadgets, and technology. This additionally involves updating playbooks and operational procedures often to mirror new insights and exceptional practices.
Qualifications and Experience:
Experience:
- Minimum of eight years in cybersecurity operations.
- Experience in a 24×7 telecom or IT Security Operations Center (SOC) environment is mainly important.
Education:
- Bachelor’s diploma in Computer Science, Information Technology, Electronics and Communication Engineering, or an associated area.
- Equivalent work experience can be considered in the vicinity of formal schooling.
Certifications:
Relevant certifications in conjunction with CISSP (Certified Information Systems Security Professional), GIAC (Global Information Assurance Certification), or CEH (Certified Ethical Hacker) are preferred.
Technical Proficiency:
- Proficient in Security Information and Event Management (SIEM) tools like Splunk and ELK.
- Experience with Endpoint Detection and Response (EDR) equipment consisting of CrowdStrike.
- Hands-on experience with UNIX structures and TCP/IP networking protocols.
- Competence in the use of packet assessment equipment like Wireshark and TCP Dump.
- Security Frameworks & Models:
- Thorough information on security frameworks that incorporate the Mitre Attack Framework.
- Familiarity with the Cyber Kill Chain model.
Knowledge of Security Devices:
In-depth information on protection gadgets and their logging formats, consisting of Next-Generation Firewalls, IDS/IPS, and antivirus/EDR systems.
Understanding of Cyber Threats:
- Up-to-date data on the trendy trends in cyber threats, attacker techniques, and gadgets.
- Experience with danger vectors, Indicators of Compromise (IOCs), and incident control.
This pointwise breakdown highlights the middle qualifications and reveals in required to be successful in the function of a Security Operations Expert at Nokia.
About Nokia:
Nokia is a worldwide chief in telecommunications, acknowledged for its progressive technologies at some point in the cell, constant, and cloud networks. Founded in 1865 and focused in Finland, Nokia has a rich record of driving technological enhancements, especially in networking and telecommunications infrastructure. The organization is devoted to connecting humans and agencies through its present-day 5G networks, IoT answers, and cloud services. Nokia emphasizes sustainability, inclusion, and ethical practices, aiming to create a greater connected and equitable international. With a numerous and inclusive way of life, Nokia fosters innovation and empowers its personnel to make a global impact.
Other Jobs:
Business Development Executive
