SOC Manager

– ITIL Certified
– Manages resources, including personnel, budget, shift scheduling and technology strategy, to meet SLAs
– Communicates with management
– Serves as organizational point person for business-critical incidents
– Provides overall direction for the SOC and input to the overall security strategy

Risk Management Committee

– Impact and Risk Assessment of Incidents
– Manages Risk, Compliance and Governance
– Alignment of Risk Management with Business Needs
– Qualified Risk Ranking

Threat Intelligence & Vulnerability Mgmt

– Network Scanning
– Vulnerability Scanning
– Situational Awareness
– Security Consulting
– Ethical Hacking
– Gap Analysis
– Develops intelligence from past incidents and from information-sharing sources, such as a specialized threat intelligence vendor, industry partners, the cybercrime division of law enforcement, or an information-sharing organization

Emergency Response Team

– Subject matter Experts
– Have vast knowledge of, and in-depth experience with, network threats, their detection and their mitigation
– Provides expert security assistance
– Takes immediate corrective action to mitigate the attack and restore services
– Handles major (high-priority) incidents and vulnerability management escalations

Incident Response & Forensics Team

– Experts in security technology and process
– Understand attacks and the threat matrix
– Extremely good at reaching root cause
– Think outside the box
– Understand viruses, trojans, backdoors and other malicious code
– Performs deep-dive incident analysis by correlating data from various sources
– Determines if a critical system or data set has been impacted
– Advises on remediation
– Provides support for new analytic methods for detecting threats

Security Monitoring

– Continuously monitors the alert queue
– Triages security alerts
– Monitors the health of security sensors and network elements
– Collects the data and context necessary to initiate investigation and analysis work

Security Management Team

– Experts in security, operating systems, networking, web technology and databases
– Configure tools and security technologies
– Implement security policies in technologies under SOC
– Quick at incident response
– Interacts with and drives vendors, OEMs and government bodies
– Handles day-to-day operations of the
– Device administration
– Configuration management as per the change request policies
– Device configuration backups