P

SOC / Security Operations Lead

Paytm · Noida, Uttar Pradesh

8–15 yrs experienceFull-time EmploymentPosted Today
Apply now →

Job description

Role Summary We are seeking an experienced SOC / Security Operations Lead to oversee and strengthen the organization's Security Operations Center (SOC), threat detection, incident response, vulnerability management, data protection, and security monitoring capabilities. The ideal candidate will possess extensive experience in managing enterprise security operations, SIEM/SOAR platforms, threat hunting, incident response, DLP, endpoint security, and vulnerability management programs. The role requires leadership of a multi-functional security operations team responsible for protecting critical business systems, customer data, and digital assets while ensuring compliance with RBI regulations and industry security standards. Key Responsibilities Security Operations Center (SOC) Management -Lead and manage 24x7 Security Operations Center (SOC) functions. -Establish and enhance SOC processes, playbooks, escalation procedures, and operational metrics. -Ensure timely detection, triage, investigation, containment, and remediation of security incidents. -Develop SOC maturity roadmaps aligned with industry best practices and regulatory expectations. -Monitor security KPIs, SLAs, MTTR, MTTD, and incident response effectiveness. SIEM, XSIAM & Threat Detection -Lead implementation, administration, and optimization of: -Palo Alto Cortex XSIAM -SIEM Platforms -SOAR Platforms -UEBA Solutions -Threat Intelligence Platforms -Develop and tune correlation rules, detection logic, and analytics use cases. -Enhance detection coverage across cloud, endpoints, applications, networks, and third-party environments. -Drive threat hunting and proactive security monitoring initiatives. Incident Response & Threat Management -Lead enterprise cyber incident response activities. -Develop and maintain incident response plans, runbooks, and communication procedures. -Coordinate investigations involving malware, ransomware, phishing, insider threats, account compromise, fraud, and advanced attacks. -Conduct post-incident reviews and root cause analysis. -Collaborate with business, technology, legal, risk, and compliance teams during major incidents. Data Loss Prevention (DLP) & Data Security -Own enterprise DLP strategy and operations. -Manage DLP controls across: -Endpoint DLP -Email DLP -Cloud DLP -Web DLP -SaaS Applications -Monitor and investigate data leakage incidents. -Ensure data protection controls align with regulatory and business requirements Vulnerability Management -Lead enterprise vulnerability management program leveraging: -Qualys -Cloud Vulnerability Management Solutions -Web Application Vulnerability Scanners -Establish vulnerability assessment and remediation processes. -Drive closure of critical and high-risk vulnerabilities within defined timelines. -Present risk exposure and remediation status to leadership and governance forums. Endpoint & Security Control Management -Oversee endpoint security technologies including: -EDR/XDR Solutions -Anti-Malware Platforms -Endpoint Compliance Controls -Device Control Technologies -Partner with infrastructure and cloud teams to strengthen enterprise security posture. Regulatory Compliance & Audit Support -Ensure security operations processes comply with: -RBI Cyber Security Framework -RBI Master Directions -PCI-DSS -ISO 27001 -NIST Cyber Security Framework -CERT-In Requirements -Support RBI inspections, internal audits, external audits, and regulatory reviews. -Provide evidence, metrics, and reporting required during audits and assessments. Threat Intelligence & Fraud Monitoring -Consume and operationalize threat intelligence feeds. -Coordinate monitoring for fraud campaigns, phishing attacks, fake APK distribution, credential compromise, and external threats. -Establish processes for threat intelligence-driven detection engineering. Leadership & Stakeholder Management -Lead and mentor SOC analysts, incident responders, vulnerability management analysts, and DLP specialists. -Define team objectives, performance metrics, and career development plans. -Provide executive-level reporting on threat landscape, incident trends, and risk posture. -Collaborate closely with Cloud Security, Application Security, Infrastructure, Fraud Risk, and Business teams. Required Qualifications Education -Bachelor's or Master's degree in Computer Science, Information Security, Engineering, or related field. Experience - 15+ years of Information Security experience. -Minimum 8+ years managing Security Operations or SOC teams. -Experience operating enterprise-scale SOC environments. -Prior experience within Banking, FinTech, Payment Aggregators, NBFCs, or other regulated industries is highly preferred. Technical Expertise -Cortex XSIAM -SIEM Platforms -SOAR Platforms -Threat Hunting -Threat Intelligence -Incident Response -Digital Forensics Coordination -Data Loss Prevention (DLP) -Vulnerability Management -Qualys VMDR -Endpoint Detection & Response (EDR/XDR) -Email Security -Cloud Security Monitoring -Security Analytics -MITRE ATT&CK Framework -Security Automation & Orchestration Preferred Certifications -CISSP -CISM -GIAC Certified Incident Handler (GCIH) -GIAC Certified Forensic Analyst (GCFA) -Certified Ethical Hacker (CEH) -CompTIA Security+ -Palo Alto Cortex XSIAM Certifications -Qualys VMDR Certifications -ISO 27001 Lead Implementer / Lead Auditor Key Competencies -Security Operations Leadership -Incident Command & Crisis Management -Threat Detection Engineering -Analytical & Investigative Skills -Risk-Based Decision Making -Regulatory Compliance Management -Stakeholder Communication -Team Development & Mentoring Success Metrics -Reduction in Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR). -Improved threat detection coverage and SOC maturity. -Timely remediation of critical vulnerabilities. -Reduction in recurring security incidents. -Successful completion of RBI, PCI-DSS, and internal audits.