HCL Software Hiring For SOC Shift Lead_Bangalore

Exp: 10+ only

Location: Bangalore

Send resumes to: mounika-.software with details:

Name:

Exp:

CTC:

ECTC:

Notice period:

Current location:

Primary skills: We are looking for a candidate how is having good exp on all security tools like, cloud security, proxy, dlp, SIEM, EDR, SOAR, automation, threathunting, IPS/IDS, Email security and network security

JD:

HCL Software is looking for a Security Operations Centre (SOC) Shift Lead / Team Lead.

The successful candidate will bring 10+ years of experience in IT Security Operations

and a strong foundation in SOC processes, technologies, and incident management. This

role requires the ability to guide SOC Analysts during live security events, coordinate shift

activities, and ensure operational efficiency in a 24x7 rotational shift environment

(including night shifts).

The Shift Lead / Team Lead will serve as the primary point of contact for their shift,

overseeing security monitoring, incident response, and threat hunting, while ensuring that

escalation and reporting are handled accurately and promptly.

Key Responsibilities

• Oversee SOC shift operations, ensuring consistent monitoring and timely response to

security events.

• Act as the escalation point for security incidents within the shift.
• Lead incident triage, root cause analysis, and forensic evidence collection,

ensuring incidents are properly classified, escalated, and documented.

• Coordinate containment, eradication, and recovery activities during high-severity

incidents.

• Ensure detailed after-action reviews and lessons learned are captured, with

recommendations for preventive measures.

• Conduct shift handovers with complete and accurate information.
• Monitor the use of SOC tools and ensure incidents are investigated per defined

procedures.

• Coordinate threat hunting activities and align with current threat intelligence and

MITRE ATT&CK framework.

• Advise and coordinate with leadership during active incidents and develop SOC-

related metrics via dashboards and/or reports.

• Define and mature SOC playbooks for operational response to cyber threats.
• Work with other SOC leads to improve processes, detection logic, and automation.
• Mentor, coach, and support Analysts in skill development and operational knowledge.
• Liaise with cross-functional teams (Network, Cloud, Application, Legal, Compliance,

Privacy) for end-to-end incident resolution.

• Participate in audit, compliance, and certification processes (ISO 27001, SOC 2,

GDPR, CFIUS, etc.).

• Support resource allocation and scheduling to ensure proper coverage and

workload balance.

• Drive continuous improvement in SOC detection, automation, and workflow

efficiency.

• Maintain knowledge repositories, runbooks, and ensure knowledge transfer across

shifts.

Key Skills

• Deep understanding of cybersecurity concepts: network security, application

security, threat intelligence, incident response, vulnerability management, and

digital forensics.

• Proficiency in enterprise security technologies: EDR/XDR, SIEM, SOAR, IDS/IPS,

DLP, VPN, NGFW, malware analysis, and cloud-native monitoring tools.

• Strong experience with operating systems: Windows, Linux, and macOS.
• Expertise in incident analysis methodologies: log correlation, packet capture,

malware investigation, and threat actor mapping.

• Ability to follow and improve SOC processes, escalation procedures, and detection

playbooks.

• Familiarity with cloud security monitoring (AWS, Azure, GCP).
• Experience conducting security audits, risk assessments, and compliance

checks.

• Strong leadership and people management skills with ability to guide team

performance under pressure.

• Excellent communication skills for both technical teams and senior management.

Mandatory Qualifications

• Bachelors degree in Computer Science, Information Security, or related field.
• 10+ years of SOC/IT Security Operations experience
• Proven track record of handling high-severity incidents and coordinating response

teams.

Desirable Certifications

• Security Certifications: CEH, Security+, CISSP, GCIH, GCIA, GPEN, GSEC, AWS

Security Specialty, or equivalent.

• Leadership/Process Certifications: CISM, CISA, ITIL Foundation (preferred).
• Cloud Certifications: AWS Certified SysOps Administrator, Azure Security

Engineer Associate, Google Professional Cloud Security Engineer.