Security Operations Center (SOC) Manager

Manager SOC

About Business:

Adani Group: In recent years, we have evolved from a new player in power generation to India’s largest private thermal power producer, with a capacity of 15,250 MW and a 40 MW solar project in Gujarat. It has created a world-class logistics and utility infrastructure portfolio that has a pan-India presence. Adani Group is headquartered in Ahmedabad, in the state of Gujarat, India. Over the years, Adani Group has positioned itself to be the market leader in its logistics and energy businesses focusing on large-scale infrastructure development in India with O & M practices benchmarked to global standards. With four IG-rated businesses, it is the only Infrastructure Investment Grade issuer in India.

Job Purpose: The SOC Specialist is responsible for monitoring and responding to security incidents and events across the organization's IT infrastructure. This role involves actively monitoring security systems, analyzing potential threats, and coordinating the response to incidents to minimize damage and reduce the risk to the organization’s assets. The SOC Specialist will work in a team environment, leveraging security monitoring tools and providing timely responses to security events to ensure the protection of the organization's information and systems.

SOC Specialist

Security Monitoring and Incident Detection:

Monitor security events and alerts from various security tools, including SIEM (Security Information and Event Management) systems, firewalls, intrusion detection systems (IDS), and endpoint protection solutions.

Perform real-time analysis of security events to detect potential security incidents or breaches.

Identify and respond to indicators of compromise (IoC) and signs of malicious activity within the organization’s network and systems.

Analyze logs and alerts from security devices, servers, applications, and networks to detect anomalous or suspicious activity.

Incident Response and Escalation:

Respond promptly to security incidents and alerts by conducting initial analysis and determining the severity of incidents.

Escalate incidents to higher-tier SOC analysts or incident response teams for further investigation or mitigation when necessary.

Coordinate with cross-functional teams, such as IT, network security, and compliance, to remediate or contain security incidents.

Assist in the investigation and forensics of security incidents, ensuring appropriate response actions are taken.

Threat Intelligence and Analysis:

Stay up-to-date with emerging cyber threats, attack methods, and vulnerabilities to enhance the organization’s detection and response capabilities.

Use threat intelligence feeds to enrich incident detection and correlate external threat data with internal logs and events.

Perform threat hunting activities to proactively identify potential security risks and vulnerabilities within the organization’s systems.

Security Systems Management:

Support the operation and maintenance of security tools, such as SIEM, IDS/IPS, firewalls, anti-malware systems, and endpoint protection solutions.

Regularly review and tune security monitoring systems to ensure that they are configured to effectively detect potential security incidents.

Ensure that security systems are up-to-date and working efficiently to monitor and protect the organization’s infrastructure.

Reporting and Documentation:

Document security incidents and responses, including details about the attack, mitigation actions, and outcomes, for future reference and compliance reporting.

Generate regular reports on security incidents, trends, and response activities for management and relevant stakeholders.

Provide root cause analysis and recommendations for improving security based on incident findings and post-incident reviews.

Collaboration and Communication:

Work closely with IT, network operations, and other teams to ensure alignment of security operations and incident response procedures.

Provide clear and concise communication regarding the status of ongoing incidents and security threats.

Assist in the development of security awareness programs to educate staff on the importance of security practices and policies.

Compliance and Regulatory Requirements:

Ensure that security operations align with organizational policies, procedures, and compliance regulations (e.g., GDPR, HIPAA, ISO 27001).

Assist in the preparation for audits and regulatory assessments by maintaining records of security events and incident responses.

Ensure timely and accurate reporting of security incidents to meet legal and regulatory obligations.

Continuous Improvement:

Participate in regular security training and awareness activities to improve your technical knowledge and the overall capabilities of the SOC team.

Collaborate with other security teams to improve incident response procedures, threat detection processes, and security monitoring tools.

Contribute to the development of new security practices and tools that enhance the organization’s security posture.

Key Stakeholders - Internal

SOC Manager / Head of Cybersecurity

Business Unit Heads and Department Heads

Information Security and IT teams

Risk Management Teams

IT and Network Operations Teams

Incident Response Teams

Key Stakeholders - External

Third-Party Service Providers

 

Educational Qualification:

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Advanced degree (e.g., Master's, MBA) in Cybersecurity, Information Assurance, or a relevant discipline is highly desirable.

Certification:

Relevant certifications such as CompTIA Security+, Certified SOC Analyst (CSA), Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH) are a plus.

Hands-on experience with SIEM systems (e.g., Splunk, IBM QRadar, ArcSight) and other security monitoring tools and with common security frameworks and standards (e.g., NIST, ISO 27001, CIS Controls).

Knowledge of common attack vectors, vulnerabilities, and cyber threats (e.g., phishing, malware, DDoS).

Proficiency with security tools such as firewalls, IDS/IPS, anti-malware solutions, and endpoint detection.

Work Experience (Range of years):

13+ years of experience in a Security Operations Center (SOC) or related cybersecurity role.

Experience Level

Mid Level