Job Description

Project Role :

Security Architect

Project Role Description :

Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills :

Security Information and Event Management (SIEM)

Good to have skills :

NA

Minimum

5

year(s) of experience is required

Educational Qualification :

15 years full time education



Summary: The SOC Lead will oversee the 24x7 Security Operations Center, providing strategic and technical leadership to ensure effective detection, analysis, response, and remediation of cybersecurity threats. This role requires hands-on expertise, strong leadership, and the ability to coordinate across teams to enhance the organization's security posture. Roles & Responsibilities: -Lead, mentor, and manage SOC Analysts (L1/L2/L3) to ensure effective monitoring and incident handling. -Oversee daily SOC operations, ensuring SLAs, KPIs, and operational metrics are met. -Coordinate triage, investigation, and response for security incidents. -Ensure continuous coverage, proper shift management, and resource allocation. Oversee configuration, tuning, and optimization of SIEM, SOAR, EDR, NDR, and threat intelligence platforms. -Review and validate incident investigations, forensic findings, and remediation actions. -Ensure effective use of security tools to detect advanced threats, malware, and APT activities. -Lead major incident response activities and serve as escalation point. -Develop and maintain SOC processes, runbooks, and incident response playbooks. -Ensure compliance with standards such as ISO 27001, NIST CSF, GDPR, PCI-DSS, etc. -Prepare dashboards, management reports, and incident summaries for leadership. -Monitor emerging threats, vulnerabilities, and adversary tactics to enhance detection capabilities. -Drive proactive threat hunting activities and continuous improvement of detection rules. -Integrate external threat intelligence feeds into SOC workflows. -Work closely with IT, Network, Cloud, and Application teams during incident investigations. -Engage with business leaders on risk posture, threats, and cyber readiness. -Partner with MSSPs, OEMs, and service providers for escalations and enhancements. Professional & Technical Skills: -Strong hands-on experience with Splunk, IR, Abnormal Security, MS, Recorded Future. -Proficiency in EDR tools (CrowdStrike, Defender ATP, etc.). -Experience with SOAR automation and playbook development. -In-depth knowledge of network security, cloud security (AWS/Azure/GCP), and endpoint security. -Understanding of MITRE ATT&CK, threat hunting methodologies, and log analysis. -Experience with incident response, malware analysis, and digital forensics (preferred). -Preferred certifications: CISSP, CISM, CEH, GCIA, GCIH, GCIH, CCSP, Security+ Additional Information: - The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM). - This position is based at our Bengaluru office. - A 15 years full time education is required.




15 years full time education