ICICI Bank - Team Lead - Security Automation

Description :

Job Title : Team Lead Security Automation

Experience : 3 to 9 years

Location : Mumbai, Hyderabad

Job Role : Lead Team Lead Security Automation

Category : Risk Management

While the role descriptions give you an overview of the responsibilities, they are only directional and guiding in nature. At ICICI Bank, we believe in serving our customers beyond our role definition, product boundaries, and domain limitations through our philosophy of customer 360-degree. In essence, this captures our belief in serving the entire banking needs of our customers like One Bank, One Team. To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service.

About the Role :

As a Team Lead Security Automation in the banks security operations center (SOC), the individual will be responsible to Establish, communicate and maintain security plan for overall security and risk management function for the engagements and BU. The candidate will lead the Automation Team, to support SOC team to work efficiently & effectively via Automation

Key Responsibilities :

- Reporting : Researches, validates, documents, and articulates security findings to Security Leadership. Responsible for metrics development and presentation. Work directly with business teams to review and guide on their requirements on Business IT and cyber security perspective.

- Collaborate : Collaborates with SOC Team and across IT departments to identify, administer, analyses, and solve critical security problems, as well as operationalize lessons learned into existing or new technological controls, solutions, processes, procedures, knowledge articles.

- Audits : Provides support for Internal & External Audits for ISO HIPAA, GDPR, PCI & other regulators. Works with Auditors to provide details of security controls and proof of compliance with respect to the regulators.

- New tool testing : Tests new tools and stays up to date on new tools used in our sector. This involves leveraging Threat Intelligence and cross industry sharing.

Key Qualifications & Skills :

- Certifications : CEH, Security +, (EDU-380) Cortex XSOAR : Automation and Orchestration, Palo Alto Networks Certified Security Automation Engineer (PCSAE) (or equivalent from other OEM), (EDU-270) Cortex XSIAM for Security Operations and Automation (or equivalent from other OEM). Palo Alto Networks Certified XSIAM Analyst and/ or ISO27001, CISSP, CISM, CISA, CRISC, PCI-DSS ISA CPISI.

- Compliance : Knowledge of handling and reviewing the RBI cyber security requirements of business team such as Data localization SAR, PA/PG guidelines SAR, RBI Master Direction in Digital payment security controls requirements, V-KYC, Tokenization guidelines, etc.

- Communication Skills : Good oral and written communication skills.

- Synergize with the Team : Mentors SOC staff in the proper methods and procedures in analysis and triage. Works with SOC Engineer on training, documentation, and procedures for team. Accountable for Analysts responding to alerts form the SIEM and various security tools and is Subject Matter Expert in the various security tools. May also respond to alerts and assist team with more complicated alerts.

Technical Skills :

- Scripting and development skills (such as REST API, BASH, Perl, Python, or Java) with strong knowledge of regular expressions.

- Strong experience triaging security events using a variety of tools (SIEM / SOAR / XDR) in a security operations environment.

- Experience : 8 years of technical experience in the Information Security field with direct experience with SOAR or other automation solutions (e.g., IT automation, SIEM, case management). Minimum 5 years of hands on SOAR/SOC / IR experience.

Few Success Factors :

- Openness to collaborate

- Vigil on norms & regulations

- Orientation to understand business

- Learning aptitude