Security Operations Lead

About Halma:Halma is a global group of life-saving technology companies, driven by a clear purpose. We are an FTSE 100 company with headquarters in the UK and operations in 23 countries, including regional hubs in India, China, Brazil, and the US.Our diverse group of nearly 50 global companies specialise in market leading technologies that push the boundaries of science and technology. For the last 42 years, the combination of our purpose, strategy, people, DNA and sustainable business model has resulted in record long-term growth in revenues and profits and an increase in dividend by ≥ 5% every year– an achievement unrivalled by any company listed on the London Stock Exchange.

Why join us? We are a Great

Place to Work certified organisation, with an employee centric culture anchored on autonomy, trust, respect, humility, work-life balance, team spirit, and approachable leadership. We offer a safe and respectful workplace, where everyone can be who they 'REALLY' are, feel free to bring their whole selves to work and use their unique talents, knowledge, expertise, experiences, and backgrounds to create meaningful outcomes.We nurture entrepreneurial spirits and empower them to think beyond the possibilities, to discover, shape and build their own unique stories.

We promote and support non-linear career growth for the right talent. We are simple, humble and approachable, and we believe in leadership at all levels to bring our purpose to life. Everyone at Halma India makes an impact, and so do you when you join us

Position Objective:We are seeking passionate cyber security professionals for our 24/7 security operations team, who will provide support to Halma Group's centralized infrastructure. Perform real time monitoring on malicious activities, analyse logs looking for attack patterns to ensure infiltration attempts are identified and dealt in a timely manner. He/she will be responsible for managing technical support requests pertaining to Security devices integrated in Halma's infrastructure.

Responsibilities:Lead a team of security analysts through an 8-hour rotational shift schedule. Conduct real-time security monitoring and respond to incidents across various networks utilizing a multitude of tools and methodologies. Maintain support for the group's infrastructure to ensure service levels meet expectations.

Develop and manage Security Information and Event Management (SIEM) use cases. Identify and document incidents through proactive threat hunting procedures. Execute vulnerability assessments within Halma's network infrastructure and collaborate with stakeholders to mitigate identified risks.

Design and refine the Incident Response Playbook for improved reaction protocols. Conduct thorough post-incident analyses to enhance and fine-tune Halma's incident response processes. Scout for innovative control measures and solutions to bolster security.

Actively offer innovative suggestions to advance the performance of Halma IT's services. As a member of the global IT team, promptly address incidents and service requests in accordance with established Service Level Agreements (SLAs). Provide technical support for Halma's security infrastructure, including SIEM, VPN, Antivirus, Endpoint Detection & Response (EDR), and Endpoint Management systems.

Possess a strong understanding of Windows/macOS operating systems, including knowledge of Event Viewer logs, device encryption and Windows Registry. The candidate should possess knowledge of integrating devices with Azure Active Directory and managing device enrolment with Microsoft Intune, as well as configuring Microsoft Defender for endpoint protection. Monitor and manage security incidents for Halma's headquarters and subsidiary companies.

Employ creative problem-solving skills during security incidents and alerts investigations, with a preference for expertise in threat hunting and proactive analysis. Undertake additional tasks such as generating monthly vulnerability reports, conducting ticket hygiene checks, and fostering process improvements. Critical Success factors:Successfully resolve security incidents, infrastructure support & service requests within SLA.Contribute to improving processes, systems and services provided by Halma IT.Qualifications:Bachelor's in computer science/ITPreferred Certifications: -CompTIA Security+, CEH -Microsoft Security certifications like SC-200/SC-300/SC-400Desirable Certifications: -Any SIEM certifications, any Network certificationsExperience:Total experience 5 - 8 yearsAny vendor firewall and Remote Access solutions.

Exposure to security technologies including Incident Response, Microsoft Sentinel. Exposure to Active Directory, Server virtualization and Microsoft technologies. Good to have – Microsoft Defender, Microsoft Intune, Cato Networks (VPN and Firewall), Azure Sentinel, KQL experience.