Security Delivery Lead

Security Delivery Lead

Project Role : Security Delivery Lead
Project Role Description : Leads the implementation and delivery of Security Services projects, leveraging our global delivery capability (method, tools, training, assets).
Must have skills : Security Information and Event Management (SIEM)
Good to have skills : NA
Minimum 12 year(s) of experience is required
Educational Qualification : 15 years full time education

Job Summary:
We are seeking a highly skilled and experienced Level 4 SOC Incident Responder to join our Security Operations Center (SOC) team. This senior-level position is critical in managing and responding to advanced cybersecurity threats, leading complex incident investigations, and developing detection and response strategies. The ideal candidate will possess deep technical expertise, strong analytical skills, and proven experience in managing end-to-end incident responses.

Key Responsibilities:

Incident Response & Management
Act as the primary lead on critical security incidents and complex investigations.
Triage, analyze, and respond to escalated security alerts and events from Level 1-3 SOC teams.
Conduct root cause analysis, forensic investigations, and impact assessments.
Coordinate with internal stakeholders and external partners during major incidents (e.g., breach response).
Develop and execute incident response plans (IRPs) and playbooks for various attack scenarios.
Threat Hunting & Analysis
Proactively hunt for threats using SIEM, EDR, and threat intelligence data.
Identify and mitigate advanced persistent threats (APTs) and zero-day exploits.
Analyze malware, network traffic, endpoint artifacts, and log data to detect and contain threats.
Tooling & Automation
Tune detection content and enhance alerting logic across SIEM/SOAR platforms.
Integrate and optimize use of tools such as Splunk, MxDR, Sentinel, CrowdStrike, Tines, XSOAR, etc.
Contribute to development and refinement of automated response workflows using SOAR tools.
Mentoring & Leadership
Provide guidance and mentorship to L1-L3 analysts on investigation techniques and escalation paths.
Conduct knowledge-sharing sessions and tabletop exercises for IR preparedness.
Assist in training team members on evolving threats, tools, and methodologies.
Reporting & Documentation
Prepare detailed incident reports, post-incident reviews (PIRs), and lessons learned.
Maintain up-to-date documentation of incident handling procedures and response plans.
Communicate technical findings clearly to both technical and non-technical stakeholders.

Required Skills & Experience:
Must To Have Skills: Proficiency in Security Information and Event Management (SIEM).
12+ years of experience in cybersecurity, with 8+ years in incident response or SOC operations.
Proven experience leading response for critical security incidents and breaches.
Expertise in analyzing and interpreting logs, packet captures, endpoint telemetry, and malware samples.
Strong experience with SIEM (e.g., Splunk, QRadar, Sentinel, MxDR) and EDR (e.g., CrowdStrike, Carbon Black) platforms.
Hands-on experience with SOAR platforms and scripting (Python, PowerShell, Bash).
Familiarity with MITRE ATT&CK, Cyber Kill Chain, and threat modeling frameworks.
Excellent understanding of Windows, Linux, network protocols, and cloud environments (AWS, Azure).
Strong written and verbal communication skills, especially in high-pressure situations.

Preferred Certifications (one or more):
GIAC Certified Incident Handler (GCIH)
GIAC Certified Forensic Analyst (GCFA)
Certified Information Systems Security Professional (CISSP)
Certified Ethical Hacker (CEH)
MITRE ATT&CK Defender (MAD)
Azure/AWS Security Certifications

Soft Skills:
Calm and decisive under pressure.
Highly analytical with strong problem-solving skills.
Ability to lead investigations with minimal supervision.
Excellent collaboration and communication abilities.

Why Join Us:
Opportunity to work on cutting-edge security challenges and advanced threats.
Collaborate with a high-performing global security team.
Access to industry-leading tools and continuous learning resources.
Competitive compensation and growth opportunities.

Additional Information:
- The candidate should have minimum 12 years of experience in Security Information and Event Management (SIEM).
- This position is based at our Bengaluru office.
- A 15 years full time education is required.