Advanced Security Professional

We are seeking a highly experienced and technically proficient professional to join our team. In this critical role, you will leverage your deep expertise in SOAR and Python to drive the implementation, playbook creation, and platform management, while also taking end-to-end responsibility for managing and resolving L3 level incidents and overseeing SOC operations.

• Possess very good knowledge of SOAR (Security Orchestration, Automation, and Response) and Python for implementation, Playbook creation, and platform management.
• Address any technical questions from clients and drive the implementation and operations BAUs (Business As Usual) for SOAR.
• Take end-to-end responsibility to manage/resolve L3 level incidents, address customer concerns, and oversee SOC (Security Operations Center) operations for customers.
• Take full accountability for incidents related to SOAR and pertaining to SOC operations.
• Work on documentation of Standard Operating Procedures (SOPs) and Root Cause Analyses (RCAs).
• Demonstrate good knowledge of Indicators of Attack (IOAs), Incident Response processes, and Playbooks.
• Act as a coach and mentor to junior Operations/Implementation Engineers and Technicians.
• Coordinate with Specialists/Leads to resolve complex problems.
• Take ownership of at least two technologies according to domain or specialization.
• Support Specialist/Sr. Specialist in the effective execution of projects.
• Perform skills gap analysis and upskill team members wherever needed.
• Maintain strong relationships with all project stakeholders.
• Serve as the immediate contact person for the client.
• Create and maintain SOP documents.
• Deliver technical tasks of a complex nature as per assigned timelines.
• Maintain activity logs, SLA details, and other critical information necessary for the smoother execution of projects.
• Resolve all technical issues/queries which are assigned/escalated.
• Partner with other cross-functional teams and client teams to provide effective resolution.
• Guide and share information with other analysts and teams.
• Perform use case creation, content development, playbook creation, and automation with APIs.
• Drive automation of all L1 & L2 activities.
• Act as the single point of contact for client stakeholders.
• Improvise threat hunting capabilities of the technology using automation.
• Drive continuous development of analytical, statistical, mathematical models leveraging AI/ML capabilities of the technology for threat detection and prediction, and implement advanced use cases.
• Conduct continuous fine-tuning of configurations, rules, policies, etc.
• Promote continuous innovation and automations in intuitive dashboards, reports, and queries.
• Optimize response time to fetch data and logs in advanced queries, reports, and dashboards.
• Provide on-the-job training to the client and the team.
• Participate in client meetings, discussions, etc.
• Interface with senior management.
• Establish communications with appropriate team members and business units, providing status updates.
• Manage reporting, tracking, monitoring, and closing out incident response issues with proper RCA.
• Interact with internal business units to address incidents and support investigations.
• Be the focal point for critical security events and incidents, serving as a Subject Matter Expert (SME) while providing recommendations and guidance to respective business units and to the SOC lead for escalation and remediation.
• Handle, respond to, and document all events or incidents that require escalation from Level 2 or Level 1 analysts.
• Lead efforts in monitoring, reporting, and responding to information security incidents.
• Recommend controls and process improvements based on external threat indicators, industry trends, and lessons learned.
• Be responsible for facilitating incident management team exercises and events.

• Very good knowledge of SOAR (Security Orchestration, Automation, and Response).
• Proficiency in Python for SOAR implementation, playbook creation, and platform management.
• Experience in managing/resolving L3 level incidents.
• Strong understanding of SOC operations and incident accountability.
• Knowledge of IOAs (Indicators of Attack), Incident Response processes, and Playbooks.
• Good to have knowledge of scripting.
• Experience in documenting SOPs and RCAs.
• Proven ability to coach and mentor junior engineers and technicians.
• Experience in coordinating with specialists/leads for complex problem resolution.
• Ability to take ownership of multiple technologies.
• Strong relationship management skills with project stakeholders.
• Ability to deliver complex technical tasks within timelines.
• Proficiency in maintaining activity logs, SLA details, and critical project information.
• Experience in technical issue resolution and query handling.
• Ability to partner with cross-functional and client teams.
• Experience in use case creation, content development, playbook creation, and automation with APIs.
• Knowledge of automating L1 & L2 activities.
• Ability to improvise threat hunting capabilities using automation.
• Experience with continuous development of analytical, statistical, mathematical models leveraging AI/ML capabilities for threat detection and prediction.
• Experience in continuous fine-tuning of configuration, rules, and policies.
• Proficiency in optimizing response time for data, logs, advanced queries, reports, and dashboards.
• Experience in providing on-the-job training.
• Strong communication and presentation skills for client meetings and senior management interaction.
• Experience in establishing communications with appropriate teams and business units, providing status updates, and tracking/monitoring incident response issues.

Competitive salary and comprehensive benefits package offered.

The ideal candidate must be willing to work in a fast-paced environment and have excellent problem-solving skills.