Sr Lead - Captive Operations

About The Company

L3 SOC Analyst Team Lead (24x7 Operations)

Location: Hyderabad

Experience Required

• Minimum 9 years of relevant experience with BCA/BSc-IT, or
• Minimum 7 years of relevant experience with BE/B.Tech/MCA
  

Certifications

• Mandatory: CEH (Certified Ethical Hacker) and/or CHFI (Computer Hacking Forensic Investigator)
• Plus at least one additional certification from the following (or as per organizational requirement):
• CISSP, CISM, OSCP, GCIA, GCIH, etc.
  

Key Responsibilities

Team & Operations Management:

• Lead and manage a 24x7 Security Operations Center (SOC) team including L1 and L2 analysts
• Review L2 team activities regularly; ensure automation of routine and repetitive tasks
• Act as the escalation point for all SOC-related incidents across L1/L2/L3 teams
• Enforce adherence to SLA compliance and service quality parameters as defined by HPCL
• Provide on-the-job training and mentoring to the HPCL SOC team
• Prepare and deliver executive-level reports and presentations on SOC metrics, capabilities, and roadmap
  

Threat Management & Use Case Development

• Conduct threat modeling for HPCL assets; define detection use cases based on threat vectors
• Improve accuracy of detection, reduce false positives, and enhance content development in SIEM
• Perform and mature threat hunting, threat intel analysis, and proactive monitoring
• Define and manage incident response plans, including response optimization and forensic support
  

Technology Expertise

• Deep knowledge and hands-on experience in:
• ArcSight SIEM advanced queries, rule tuning, dashboard/reports optimization
• SOAR automating incident response, vulnerability management, and ticket workflows
• UEBA user behavior analytics, anomaly detection and response
• Manage log ingestion, parsing, and normalization from diverse log sources
• Ensure synchronization and operational readiness of DC and DR environments
• Participate in and support Disaster Recovery (DR) tests, Cyber Drills, and Tabletop Exercises
• Conduct regular reviews and change management for Standard Operating Procedures (SOPs)
• Assess technology configurations against global security standards and recommend improvements
• Define and track a maturity roadmap for SOC technologies and processes
• Assist in vulnerability management, including patching, upgrades, and remediation tracking
• Strong understanding of:
• Windows Event Logs, Linux system logs, and log correlation techniques
• Threat Intelligence platforms and integration with SIEM/SOAR
• Skilled in log analysis, incident triage, and advanced threat detection techniques
• Experience in developing custom rules, dashboards, and automated response playbooks
  

Soft Skills

• Excellent communication, report writing, and presentation skills
• Proficiency in Microsoft Word, Excel, PowerPoint for executive reporting and documentation
• Ability to work under pressure, manage critical incidents, and support multiple stakeholders
  

Preferred Qualifications

• Prior experience leading SOC operations for enterprise environments or public sector
• Experience in regulated industries or familiarity with compliance standards (ISO 27001, NIST, etc.)