Remote
Contractual
Job Title: Manager – SOAR Administration
Department: Information Security Group (ISG)
Duration: 6 months
Reports To: VP – Head of Cyber Defense Center
Location: REMOTE, India

Job Purpose

The Manager – SOAR Administration is responsible for the end-to-end administration and optimization of Security Orchestration, Automation, and Response (SOAR) solutions within the Cyber Defense Center. This role is critical to enhancing the efficiency and effectiveness of the organization’s security operations through the use of automation and orchestration. The role involves collaborating with the SOC team, integrating security tools, developing automated workflows, and improving incident response capabilities to bolster the overall cyber resilience of the organization.

Key Result Areas

- Lead the implementation, configuration, and administration of SOAR platforms (e.g., Splunk SOAR, Palo Alto Cortex XSOAR, IBM Resilient).
- Design, build, and optimize automated playbooks for incident detection and response.
- Ensure orchestration and integration across various security tools (SIEM, threat intelligence platforms, etc.).
- Drive process automation using scripting languages (Python, PowerShell, Bash).
- Support the incident response lifecycle and coordinate with the SOC during incidents.
- Monitor and enhance the SOAR ecosystem to reduce mean time to detect and respond (MTTD/MTTR).
- Deliver projects related to SOAR optimization and innovation.

Key Principles

- Business Alignment: Ensure SOAR initiatives are aligned with the bank’s strategic security objectives.
- Accountability: Own SOAR processes, outcomes, and reporting.
- Maturity Improvement: Continuously drive enhancements to cyber defense posture.
- Impact-Driven Approach: Focus on tangible results such as reduced response times and risk mitigation.
- Innovation & Automation: Promote scalable automation strategies and cutting-edge solutions.
- Continuous Improvement: Regularly review and upgrade SOAR processes and playbooks.

Operating Environment & Relationships

Collaborate with:
- Group-level CISOs, Cyber Defense Center staff
- Regulatory bodies, local and global teams
- First, Second, and Third Lines of Defense (e.g., DPP, IT, Risk, Audit, Compliance)

Ensure alignment with:
- Cybersecurity standards and frameworks
- Bank-wide governance and regulatory mandates

Problem Solving & Critical Thinking

- Analyze and resolve complex cybersecurity incidents through automation and orchestration.
- Develop innovative solutions where standard approaches fall short.
- Apply strong technical knowledge of security frameworks, protocols, and SOAR integrations.

Decision-Making Authority & Responsibility

- Serve as the subject matter expert (SME) for all SOAR-related initiatives.
- Validate the adequacy of process controls against internal policies and regulatory requirements.
- Influence strategic direction for automation in incident response and security operations.

Knowledge, Skills & Experience

Essential Knowledge & Experience
- 8+ years in Information Security, including 4–6 years in Security Incident Response using SOAR.
- Proven hands-on experience with platforms such as Microsoft Sentinel, Splunk SOAR, Cortex XSOAR, or IBM Resilient.
- Familiar with advanced SOC tools, frameworks (NIST, CERT/CC, ISO 27035), and regulatory requirements.
- Strong background in the BFSI sector, preferably in a SOC function.
- In-depth understanding of governance, compliance, risk management, and incident response.

Technical Skills & Application
- Expertise in scripting (Python, PowerShell, Bash) for playbook development.
- Ability to assess, design, and review SOAR use cases, automation logic, and integrations.
- Maintain up-to-date knowledge of evolving threat landscapes and defense mechanisms.
- Demonstrate resilience in enhancing security hygiene and monitoring capabilities.

Other Requirements
- Bachelor’s degree in Computer Science, Information Security, or related discipline.
- Strong awareness of emerging technologies and evolving threat vectors.
- Professional certifications such as GCIH, CISSP, CEH are highly preferred.
TriOptus
Salary: Not disclosed