Position Overview:
Ralliant is seeking a skilled Security Operations Lead based in India to lead international response operations and SOC mission. This role combines incident command, response coaching, and technical depth across detection and response, with a strong focus on MSSP oversight and continuous improvement. The ideal candidate brings deep experience in incident command, advanced triage/investigation skills, and the ability to communicate and report with clarity and impact.
Key Responsibilities:
- Serve as global incident commander, driving incident response lifecycle activities including triage, containment, forensics, recovery, and lessons learned.
- Lead and coordinate efforts across multiple MSSP structures:
  - A managed defend and respond partner delivering 24x7 coverage.
  - A staff augmentation-based MSSP providing tiered security analyst resources.
- Act as the chief coach for analysts across both in-house and partner-sourced teams—guiding investigation depth, alert tuning, and incident retrospectives.
- Manage and report on SOC performance metrics, SLAs, and KPIs—focusing on mean time to detect (MTTD), mean time to respond (MTTR), false positive rates, and threat detection coverage.
- Drive accountability and continuous improvement through regular reporting, operational dashboards, and escalation reviews to security leadership.
- Leverage deep knowledge of CrowdStrike Falcon (EDR, Identity, Forensics) to validate detection effectiveness and lead incident investigations.
- Support integration, optimization, and effective use of CrowdStrike SIEM/LogScale for advanced log correlation, threat hunting, and alert fidelity.
- Ensure high-quality documentation and communication during incidents—including executive summaries, impact analysis, and regulatory reporting alignment (e.g., SOX, NIST 800-171).
- Maintain and evolve incident playbooks and threat detection use cases in alignment with MITRE ATT&CK and emerging threat intelligence.
- Actively participate in global cybersecurity strategy sessions and coordinate with peers across IT, GRC, and engineering to ensure defense-in-depth posture.
Qualifications:
- 8+ years in security operations, incident response, or threat detection roles.
- 3+ years managing or coordinating workstreams from MSSPs or staff augmentation models.
- Strong experience in global incident command with a focus on collaboration, triage efficiency, and structured decision-making.
- Hands-on expertise with CrowdStrike Falcon suite and familiarity with CrowdStrike LogScale/SIEM highly desirable.
- Demonstrated ability to develop and track SOC performance metrics and drive data-informed decisions.
- Deep investigative skillset including root cause analysis, endpoint/network forensics, and adversary behavior tracking.
- Excellent written and verbal communication skills, especially for incident documentation and stakeholder briefings.
- Familiarity with security frameworks (NIST, MITRE ATT&CK) and compliance domains (SOX, ITAR, NIST 800-171).
Preferred Certifications:
- CISSP, GCIH, GCFA, GCIA, or similar relevant credentials.
- Practical experience with log correlation platforms and case management tools (e.g., ServiceNow, Jira).
Ralliant Overview
Every day, engineers transform scientific potential into real-world impact, reshaping how we live and work. At this pivotal moment in technology, Fortive is creating a focused, standalone company poised to capitalize on powerful long-term trends with mission critical technologies advancing an electrified and digital future. Our team of scientists, engineers, and technologists is joining forces to pioneer solutions that will shape the future of industry. Introducing Ralliant Corporation, a global technology company uniting trusted brands solving tough challenges to speed breakthroughs at leading companies, research institutions, and governments, across the semiconductor/communications/diversified electronics, industrial manufacturing, utilities, and aero, defense, and space industries. Ralliant is fueled by a global team of changemakers, committed to continuous improvement and a strong culture rooted in disciplined execution. For more information please visit: https://careers.fortive.com/newco-opportunities/
Ralliant Corporation Overview
Ralliant, originally part of Fortive, now stands as a bold, independent public company driving innovation at the forefront of precision technology. With a global footprint and a legacy of excellence, we empower engineers to bring next-generation breakthroughs to life — faster, smarter, and more reliably. Our high-performance instruments, sensors, and subsystems fuel mission-critical advancements across industries, enabling real-world impact where it matters most. At Ralliant we’re building the future, together with those driven to push boundaries, solve complex problems, and leave a lasting mark on the world.
Bonus or Equity
This position is also eligible for bonus and equity as part of the total compensation package.