Security Expert will manage the planning, implementation, and continuous enhancement of Avaada's cybersecurity program, including the establishment of a Security Operations Centre (SOC), modernization of tools and controls, policy upgrades, and alignment with global standards like ISO 27001:2022 and NIST. The role encompasses end-to-end responsibility across cybersecurity operations, strategictooling, governance, cloud, OT/ICS, and compliance.
Key Responsibilities:
Security Operations Centre (SOC) Setup & Management
Design, plan, and manage the Security Operation Centre (SOC) aligned with business needs.
Define log sources, event flows, SIEM integration points, and threat intelligence feeds.
Develop operational playbooks, escalation workflows, shift schedules, and knowledge base documents.
Implement SOC KPIs (MTTD, MTTR, False Positive Rates, etc.) and periodic SOC effectiveness reviews.
Coordinate with IT, network, and cloud teams for 24/7 monitoring enablement.
Perform ongoing tuning of correlation rules, alerts, and response procedures.
Support audits by ensuring SOC processes are documented and control evidence is maintained.
Cybersecurity Operations Management
Manage threat detection, incident response, vulnerability remediation, and endpoint protection.
Oversee daily security alerts, logs, and forensic investigations using existing platforms.
Track zero-day threats, malware trends, and APT behavior impacting the renewable energy sector.
Coordinate triage of cyber incidents and manage incident response teams during escalations.
Manage KPIs for threat detection, incident closure, and endpoint compliance across locations.
Security Strategy, Roadmap & Modernization
Prepare and maintain Avaada's Cybersecurity Roadmap with quarterly, half yearly and annual goals.
Identify security gaps, outdated tools, or manual processes for modernization or automation.
Benchmark current posture against global security trends, risks, and industry best practices.
Coordinate with leadership for board-level reporting and long-term security investment planning.
Ensure alignment of the roadmap with IT initiatives, OT expansion, and cloud-first transformation.
Infrastructure, Cloud & Identity Security
Ensure infrastructure and cloud services follow secure-by-design principles.
Implement and monitor identity and access controls across cloud infrastructure and internal tools.
Review firewall policies, VPN configurations, and segmentation zones for security gaps.
Collaborate with cloud architects to align workloads with CIS Benchmarks and cloudnative controls.
Enforce identity lifecycle management and privileged access workflows.
OT/ICS & Plant Cybersecurity
Manage cyber risk assessments for OT environments, SCADA systems, and substations.
Oversee segmentation between IT and OT networks (e.g., firewalls, DMZ, whitelisting).
Coordinate security hardening and asset inventory for field-level equipment.
Implement monitoring tools for critical energy infrastructure events and access.
Ensure physical security controls integrate with cybersecurity systems where feasible.
Plan cybersecurity drills and simulations for plant-level scenarios.
Awareness & Cyber Hygiene
Conduct ongoing cybersecurity training, phishing simulations, and e-learning modules.
Regularly update content based on real-world threats and incidents.
Track and report user participation, risk scores, and improvement areas.
Promote a security-first culture across employees, vendors, and partner ecosystems.
Run executive awareness sessions to foster top-down risk ownership.
Qualifications & Skills:
Bachelor's/Master's degree in IT, Computer Science, or a related field.
10+ years of experience in Cyber Security with At least 5 years in a cybersecurity leadership or specialist role, managing teams, SOC operations, or enterprise-wide security programs.
Certifications : Either 2 or more of the following
o CISSP
o CISM
o CEH
o CCSPStrong understanding of
o Enterprise security architecture and secure network design
o Security tools (SIEM, XDR, SOAR, UEBA, PAM)
o Cloud SecurityExperience with Cloud security OT/ICS/SCADA cybersecurity (preferred in energy/renewable sector) is a plus
Proven experience in
o Managing cybersecurity frameworks (ISO/IEC 27001, NIST CSF, CIS)
o Threat detection and response (SOC, SIEM, SOAR)
o Endpoint, cloud, and application security controlsExcellent problem-solving, communication, and leadership skills.
Job Snapshot
Updated Date
19-07-2025
Job ID
AvaadaJob1015
Department
Information Technology
Location
Noida 62, Noida, Uttar Pradesh, India
Experience
7 - 15 Years
Employee Type
Permanent
Beware of fraud agents! do not pay money to get a job
MNCJobsIndia.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.