Manager - IT Security Operations

John Cockerill, enablers of opportunities

Driven since 1817 by the entrepreneurial spirit and thirst for innovation of its founder, the John Cockerill Group develops large-scale technological solutions to meet the needs of its time: facilitating access to low carbon energies, enabling sustainable industrial production, preserving natural resources, contributing to greener mobility, enhancing security and installing essential infrastructures. 

Its offer to businesses, governments and communities consists of services and associated equipment for the sectors of energy, defence, industry, the environment, transports, and infrastructures. With over 6,000 employees, John Cockerill achieved a turnover of € 1,209  billion in 2023 in 29 countries, on 5 continents.

Location: Navi Mumbai

Job Purpose

As a Security Operations Senior Specialist will be responsible for implementing and managing the SIEM solution (Rapid7) deployed and performing L2 activities for Security Incidents in JOHN COCKERILL. You should be able to manage the SIEM tool as administrator and react on the escalated Security Incidents from L1 Team. You will also be responsible for overseeing monitoring SOC capabilities to improve the efficiency ensuring our Environment is secured. The team's mission is to manage the SIEM tool, ensure all new core infrastructure components are added to the SIEM for incident management and monitoring, reacting to potential threats in JOHN COCKERILL Environment, analyse the severity and scope of the issue and work with the Cybersecurity Incident Management and Response Team to contain, mitigate and remediate the issue. In addition, the team is also responsible for providing the ideas to constantly improve the monitoring and detection capability.

Key Responsibilities

• Responsible for implementing and managing the SIEM tool (Rapid 7)
• Responsible for L2 activities for Security Incidents as part of SOC
• Adding all new servers, network equipment, security tools, cloud workloads to the SIEM for incident management and monitoring
• Triaging, investigating and management of ongoing Security Incidents which come as escalations from L1 team, and oversees the SOC monitoring capabilities and reporting of security related events.
• Support in the creation of operational documents such as- use cases, play/run books and training materials for incident response, and ensures regular updating of these documents.
• Support in the creation of various metrics, reporting, review of incident progress to Operations Manager
• Communicate potential threats, suspicious/anomalous activity, malware, etc., to the Security SOC provider, and be a point of contact for JOHN COCKERILL Cybersecurity issues
• Continuously improve processes for use across multiple detection sets for more efficient operations
• Should be responsible for Cybersecurity incident management and own the Incident under resolution
• Provide remediation advice and assist incident response team in security incident response activities, escalate if required
• Should be adoptable to work with multi-vendor organization
• Working across different cultures and organizations

Education & Experience

• Bachelor of Engineering.
• Overall 5+ Years in System Infrastructure with 3+ Years in Security Operations

Background, Skills and Competencies

Soft skills:

• Excellent problem-solving skills
• Good oral and written communication skills
• Customer and service oriented
• Team player, sharing information spontaneously
• Pragmatic and solution-oriented Organized and rigorous 
• Available and flexible
• Autonomous, self-taught, responsible.

Technical skills:

• Rapid 7/Arcsight/Splunk/IBM QRadar tool administration, configuration and report writing skills are mandatory (any one tool)
• Certifications in Cybersecurity like COMPTIA+, CISSP or other specialized security certifications would be added advantage, cybersecurity fundamental concepts
• Minimum 5 years of relevant experience in managing large Windows server based platforms
• Very good knowledge of Windows operating systems and working knowledge of Microsoft Active Directory, ADFS, Exchange, IIS, SCCM
• Knowledge of Powershell scripts for the automation and management of Windows infrastructure
• Knowledge of Office365 and Azure
• Knowledge of network switching: TCP/IP, subnetwork calculations, VLAN concepts, firewall, NAT
• Installation of active devices in data center
• Good knowledge of MITRE attack
• Mandatory experience in pen test tools (PenTera, Kali Linux)
• Should possess in-depth knowledge on Network Security, Endpoint security etc
• Mandatory experience in working with Microsoft security landscape, e.g. Microsoft defender ATP, Microsoft cloud App security, Office ATP, Azure AD identity protection, Azure Security center, Azure sentinel.
• Should be having knowledge on ITIL Process

Equal Opportunity Employer 

John Cockerill and all John Cockerill Companies are equal opportunity employers that evaluate qualified applicants without regard to race, color, national origin, religion, ancestry, sex (including pregnancy, childbirth and related medical conditions), age, marital status, disability, veteran status, citizenship status, sexual orientation, gender identity or expression, and other characteristics protected by law.

John Cockerill offers you career and development opportunities within its various sectors in a friendly working environment. 

Do you want to work for an innovative company that will allow you to take up technical challenges on a daily basis?

We look forward to receiving your application and to meeting you

Discover our job opportunities in details on