Job Description
About The Role
Project Role: Security Architect
Project Role Description: Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills: Security Information and Event Management (SIEM)
Good to have skills: NA
Minimum 5 year(s) of experience is required
Educational Qualification: 15 years full time education
Summary: The SOC Lead will oversee the 24x7 Security Operations Center, providing strategic and technical leadership to ensure effective detection, analysis, response, and remediation of cybersecurity threats. This role requires hands-on expertise, strong leadership, and the ability to coordinate across teams to enhance the organization’s security posture.

Roles & Responsibilities:
- Lead, mentor, and manage SOC Analysts (L1/L2/L3) to ensure effective monitoring and incident handling.
- Oversee daily SOC operations, ensuring SLAs, KPIs, and operational metrics are met.
- Coordinate triage, investigation, and response for security incidents.
- Ensure continuous coverage, proper shift management, and resource allocation.
- Oversee configuration, tuning, and optimization of SIEM, SOAR, EDR, NDR, and threat intelligence platforms.
- Review and validate incident investigations, forensic findings, and remediation actions.
- Ensure effective use of security tools to detect advanced threats, malware, and APT activities.
- Lead major incident response activities and serve as the escalation point.
- Develop and maintain SOC processes, runbooks, and incident response playbooks.
- Ensure compliance with standards such as ISO 27001, NIST CSF, GDPR, PCI-DSS, etc.
- Prepare dashboards, management reports, and incident summaries for leadership.
- Monitor emerging threats, vulnerabilities, and adversary tactics to enhance detection capabilities.
- Drive proactive threat hunting activities and continuous improvement of detection rules.
- Integrate external threat intelligence feeds into SOC workflows.
- Work closely with IT, Network, Cloud, and Application teams during incident investigations.
- Engage with business leaders on risk posture, threats, and cyber readiness.
- Partner with MSSPs, OEMs, and service providers for escalations and enhancements.

Professional & Technical Skills:
- Strong hands-on experience with Splunk, IR, Abnormal Security, MS, Recorded Future.
- Proficiency in EDR tools (CrowdStrike, Defender ATP, etc.).
- Experience with SOAR automation and playbook development.
- In-depth knowledge of network security, cloud security (AWS/Azure/GCP), and endpoint security.
- Understanding of MITRE ATT&CK, threat hunting methodologies, and log analysis.
- Experience with incident response, malware analysis, and digital forensics (preferred).
- Preferred certifications: CISSP, CISM, CEH, GCIA, GCIH, CCSP, Security+
Additional Information: The candidate should have a minimum of 5 years of experience in Security Information and Event Management (SIEM). This position is based at our Bengaluru office. 15 years of full-time education is required.