SOC Lead - MDR (SOC)

Eviden is an Atos Group business with an annual revenue of circa € 5 billion and a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47 countries. By uniting unique high-end technologies across the full digital continuum with 55,000 world-class talents, Eviden expands the possibilities of data and technology, now and for generations to come.

SOC Lead - MDR (SOC)

Key Responsibilities:

- Represent the SOC findings in customer calls - highlight value added by SOC, understand the gaps (if any) from customer and work towards fixing those.

- Distinguish incidents as opposed to non-incidents, so as has to i) hold meaningful/intelligent conversation with customers and ii) lead the team with right directions.

- Steer the team of Analysts and Sr. Analysts on Incident Handling (Detection, Analysis, Triage, and Response) processes. Also, guide the team on client processes so that team constantly meets 99% SLA requirements on notification, investigation, response, and remediation.

- Coordinate with Account Management (customer relationship management team) to set healthy expectations of client and improved deliverables of SOC.

- Ensure all threats at customer environment are detected and notified in timely manner.

- Ensure customer deliverables are being provided as per agreed service level agreements. The operating procedures are documented and change requests are tracked/approved.

- Understand customer requirements and translate these into service outputs.

- Ensure that the incident analysis runbooks, incident response runbooks and standard operating procedures are built, maintained, and are kept in line with best practices and customer expectations.

- Keep track of scope and scope deviations, scheduled and adhoc deliverables.

- Work with platform administration team to ensure integration of new devices and ensure health of monitoring infrastructure.

- Working knowledge of

o operating systems

o network technologies (firewall, proxy, DNS, Netflow)

o Active Directory

o Network communications and routing protocols (e.g., TCP, UDP, ICMP, BGP, MPLS, etc.)

o Common internet applications and standards (e.g., SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.).

- Identify Gaps and Proactively fix what is Committed vs Delivered:

o Monitoring log sources as per scope are very crucial to SOC operations. SOC Lead should ensure governance and validity of in-scope/out-of-scope log sources.

o Ensure that each log source has use cases, hunting models, and no threat detection aspect is getting missed.

o Gap analysis based on customer domain / business applications / technology deployed etc:

- SPOC: Response to client problems/requirements:

o First response to the customer queries and complete ownership till query is addressed.

o Log source integration/decommission etc.

o coordinating with other internal units within Atos for timely response to client.

- Show value/benefits of the delivery (MDR) during Periodic Service Review (PSR) meetings

o Timely closure of operational tasks

Let's grow together.