societe generale assurances

Cyber Security Consultant - SOC (Use-case Development – Cloud)
Permanent contract
Bangalore, India

Bangalore
March 1, 2024

Job Description

Cyber Security Consultant - SOC (Use-case Development – Cloud)

Permanent contract|Bangalore|Innovation / Project / Organization

Responsibilities

1. JOB PURPOSE

RESG/GTS is the entity in charge of the entire IT infrastructure of Société Générale.

The RESG/GTS/SEC/SOC department, which corresponds to the Société Générale SOC (SOC SG), is in charge of operational detection, incident response and prevention activities within the scope of GTS across the businesses. The mission of the SOC is to identify, protect, detect and respond, using the security platforms for the detection, reaction, prevention and resolution of security incidents. The SG SOC consists of Cyber Defense (incident management), Cyber Tools (management of SOC tools including the SIEM), Cyber Control (Prevention and Compliance) and Governance.

This role, Cyber Security SOC Consultant (Use case development – Cloud), is part of the GTS Security SOC team. In this role, you will be involved in supporting India and global regional needs to manage and optimize the detection use case lifecycle for private and public cloud environments within the Security Operations Center (SOC). This includes developing, deploying, monitoring and evaluating threat detection use cases to proactively identify and respond to security incidents across cloud infrastructure.

2. PRINCIPAL ACCOUNTABILITIES

  • Design and develop detection use cases tailored for specific cloud platforms and services. Map cloud-specific threat detection use cases to relevant MITRE ATT&CK techniques, tactics, and procedures (TTPs).
  • Prioritize cloud detection use cases based on MITRE ATT&CK attack stages and impact levels. 
  • Implement and integrate use cases with existing SOC tooling and infrastructure. Develop detection logic and rules based on MITRE ATT&CK adversary tactics and behavior.
  • Monitor and analyze performance of use cases, identifying opportunities for optimization and improvement. Utilize MITRE ATT&CK scoring methodologies to evaluate the effectiveness of cloud detection use cases.
  • Conduct threat hunting exercises and proactively identify potential security vulnerabilities in cloud environments.
  • Investigate and analyze security incidents triggered by cloud-based use cases.
  • Document, update, and maintain technical documentation for cloud detection use cases.
  • Provide training and support to SOC analysts on cloud-based detection methodology and approach.
  • Stay current on emerging cloud security threats and trends, adapting use cases accordingly. Collaborate with threat intelligence teams to update and refine cloud detection use cases based on the latest MITRE ATT&CK adversary data and trends.
Profile required

Technical Skills

  • Expertise in various cloud platforms and security services (AWS, Azure, GCP, etc.).
  • Familiarity with SIEM/SOAR platforms and security information technologies.
  • Deep understanding of the MITRE ATT&CK framework and its application to cloud security. This allows for accurate mapping of threats and effective detection implementation.
  • Ability to translate MITRE ATT&CK TTPs into actionable detection logic and rules for cloud environments. This requires technical expertise in SIEM/SOAR platforms and security tools.
  • Experience in utilizing MITRE ATT&CK scoring methodologies to assess and improve cloud detection capabilities. This demonstrates analytical skills and a data-driven approach to security.
  • Experience with threat hunting methodologies and threat intelligence analysis.
  • Strong understanding of network security concepts and protocols.
  • Scripting experience (Python, Bash, etc.) for automation and analysis.

Experience, Functional & Other Skills

  • 10+ years of experience in security operations, preferably with a focus on cloud security.
  • 3+ years of experience in developing, testing and deploying detection use cases for Cloud.
  • Experience working with SIEM/SOAR platforms and analyzing security logs.
  • Demonstrated understanding of threat hunting methodologies and incident response procedures.
  • Security certifications (CISSP, SANS, CCSA, etc.) are a plus.
  • Familiarity with security automation tools and frameworks.

Functional and Other Skills:

  • Excellent communication and collaboration skills.
  • Problem-solving and analytical skills.
  • Attention to detail and ability to prioritize tasks effectively.
  • Ability to work independently and as part of a team.
  • Strong written and verbal communication skills.

Why join us

We are committed to creating a diverse environment and are proud to be an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.