L3 IBM QRadar SIEM-DAM

Scope of Work: -

The MIS Executive will be responsible for:

• Collecting and consolidating data from multiple departments
• Creating and maintaining daily/weekly/monthly MIS reports.
• Developing automated dashboards
• Performing data analysis to identify trends and insights.
• Ensuring accuracy, consistency, and confidentiality of organizational data.
• Coordinating with departments to streamline data flow and reporting structures.
• Generating ad-hoc reports as required by management.
• Managing master data, user access, and backups.
• Supporting Information Security data integration or migration

activities.

Operation & Support Management:

• Continuous Monitoring & Threat Detection
• Oversee SOC operations ensuring timely detection and incident response.
• Integrate SIEM, SOAR, XDR, IDS/IPS, UEBA, and threat intelligence platforms for advanced monitoring.
• Monitor trading and clearing platforms, APIs, and connectivity gateways for anomalies and vulnerabilities.
• Track zero-day vulnerabilities, emerging threats, and APTs targeting financial markets.
• Incident Response & Crisis Management
• Lead incident triage, investigation, containment, and recovery.
• Conduct root cause analysis and post-incident reviews to prevent recurrence.
• Coordinate major incident response with regulators (SEBI, CERT-In, RBI) and law enforcement.
• Conduct red/blue team simulations, tabletop exercises, and cyber drills to validate readiness

Technology & Process Optimization:

Manage and optimize SOC tools, platforms, and analytics.

• Drive automation (SOAR, ML-based anomaly detection,

scripting) to improve efficiency and reduce MTTR.

• Integrate SOC operations with NOC, fraud monitoring, and

business continuity for resilience.

• Ensure forensic readiness, log management, and data retention

meet regulatory standards

Compliance & Regulatory Reporting:

Ensure compliance with SEBI CSCRF, CERT-In directives, DPDPA,

PCI DSS, ISO 27001.

Prepare and submit mandatory incident reports within required

timelines.

Maintain audit-ready documentation and support external/internal

audits and risk assessments.

Provide executive dashboards and reports on incidents, threats, and

SOC performance.

Threat Intelligence & Proactive Defence

Build and integrate Cyber Threat Intelligence (CTI) programs relevant

to financial services.

Implement proactive threat-hunting programs to detect and mitigate

risks early.

Collaborate with security architecture and engineering teams to

improve detection and prevention.

Team Leadership & Development

Develop and maintain SOC policies, processes, and playbooks based

on industry best practices (e.g., NIST, ISO 27001, MITRE ATT&CK).

Implement a SOC Maturity Roadmap to enhance detection, response,

and recovery capabilities.

Establish and monitor KPIs to measure SOC effectiveness (MTTD,

MTTR, containment rates