****OSCP certification will be added advantage

Searching Key word: Red Teaming/Blue Teaming and Use Case and Arcsight and SIEM and MITRE ATT&CK

Key Responsibilities:

SOC Operations Management

Lead the day-to-day operations of the SOC including real-time monitoring, incident detection, response, and escalation processes.
Manage and coach SOC analysts across different shifts to ensure 24x7 coverage and efficiency.
Establish and maintain SOC processes, playbooks, and escalation paths.
Define and track KPIs, SLAs, and SOC performance metrics.

Threat Monitoring & Incident Response

Oversee analysis of logs, alerts, and telemetry from security tools (e.g., SIEM, EDR, firewalls).
Lead investigation and triage of security incidents to determine severity, scope, and impact.
Coordinate incident response efforts, ensuring timely resolution and root cause analysis.
Develop incident timelines, response reports, and post-mortems for major incidents.

Threat Intelligence & Analysis

Integrate threat intelligence feeds and apply intelligence to enrich detection capabilities.
Writing new and Update use cases.
Correlate threat data from various sources to improve situational awareness.
Utilize the MITRE ATT&CK framework and kill chain methodology to identify attack patterns. Required Skills & Experience:

Strong hands-on experience with SIEM tools (e.g.,Arcsight, Splunk, QRadar, LogRhythm, Elastic), EDR solutions (e.g., CrowdStrike, SentinelOne), SOAR & UBEA platforms, IDS/IPS, and threat intel platforms.
In-depth knowledge of security concepts, incident handling, threat hunting, malware analysis, and forensics.
Familiarity with cloud security monitoring (AWS, Azure, GCP) and DevSecOps practices is a plus.
Excellent problem-solving, communication, and leadership skills.

Penetration Testing Skill set:

Penetration Testing & Exploitation

Proficiency in offensive tools (e.g., Metasploit, Cobalt Strike, Empire, BloodHound)
Exploitation of known vulnerabilities (CVE analysis)
Custom payload development and obfuscation
Bypassing EDR, antivirus, and firewalls
Lateral movement and privilege escalation techniques

Operating System Expertise

Deep knowledge of Windows internals (Registry, AD, PowerShell, WMI)
Linux/Unix exploitation, bash scripting, cron job abuse
Kernel-level attack understanding

Network Attacks

Network sniffing, spoofing, and man-in-the-middle (MITM) attacks
DNS, DHCP, SMB, RDP, and LDAP exploitation
Rogue devices and network pivoting

Web & Application Security

Exploiting OWASP Top 10 vulnerabilities
API abuse, token manipulation, and session hijacking
Client-side attacks (XSS, CSRF, clickjacking)

Scripting & Development

Proficiency in scripting languages (Python, PowerShell, Bash)
Writing custom Red Team tools or modifying open-source ones
Regex, API integration, automation of attack chains

Analytical & Planning Skills

Reconnaissance & OSINT

Passive and active information gathering (Shodan, Maltego, Google Dorking)
Social engineering target profiling (LinkedIn, GitHub, etc.)
Infrastructure mapping (DNS enumeration, subdomain discovery)

Adversary Simulation & Threat Modeling

Using frameworks like MITRE ATT&CK, D3FEND, and Cyber Kill Chain
Building attack scenarios based on realistic threat actors (APT emulation)
Purple teaming coordination with Blue Teams

Campaign Design & Execution

Planning multi-stage attacks with command and control (C2)
Covert operations (fileless attacks, living-off-the-land techniques)
Red Team Exercise lifecycle planning: objective setting, engagement rules, exit criteria

Reporting & Debriefing

Documenting attack vectors, exploited paths, and impact analysis
Writing executive-level reports and technical documentation
Presenting findings to Blue Team and executive leadership
Recommending mitigations and hardening strategies

Sr Lead - Captive Operations

Tata Communications

Job Description

About Company

Services you might be interested in

One-Shot Campaign