Cyber Security Lead-Cyber Security Analyst

Job Description

Role Overview

1. L3 Cybersecurity Operations Coordinator acting as a CSIRT/SOC relay between local business teams and global CDOC
2. Ensures rapid incident response, escalation management, and stakeholder coordination
3. Bridges business, functional, and technical cybersecurity operations

Key Responsibilities

Cybersecurity Operations & Coordination

1. Act as primary cybersecurity contact for local sites
2. Coordinate with global SOC/CDOC teams for operational alignment
3. Ensure proximity-based support for critical assets and business priorities

Incident Response & Escalation Management

1. Handle L3 incident escalation and complex case coordination
2. Lead incident triage, mitigation tracking, and remediation follow-up
3. Support end-to-end incident lifecycle (detection → containment → recovery)

Advanced Incident Handling (L3 Support)

1. Manage critical and non-standard cybersecurity incidents
2. Lead containment, threat eradication, and system restoration
3. Validate secure remediation and recovery actions

Crisis & Major Incident Management

1. Support CSIRT-led crisis management during major cyber incidents
2. Coordinate cross-functional response during high-impact events

Stakeholder Management & Communication

1. Act as bridge between technical teams and business stakeholders
2. Ensure bi-directional communication (site ↔ SOC/CDOC)
3. Provide status updates, impact analysis, and action visibility

Requirements Translation & Solution Alignment

1. Translate business/security requirements into technical controls
2. Support global cybersecurity solution alignment with local constraints

Continuous Improvement & Process Optimization

1. Drive SOC/CDOC process improvements and operational efficiency
2. Promote best practices, knowledge sharing, and service enhancement

Key Skills & Competencies

1. SOC / CDOC Operations
2. CSIRT Coordination
3. Incident Response (L3 / Advanced)
4. Cyber Incident Management & Escalation
5. Threat Mitigation & Remediation
6. Crisis Management
7. Stakeholder Management
8. Security Operations (SIEM, Sentinel, Logic Apps)
9. Risk & Impact Alignment
10. Process Improvement & Automation

Total Experience Expected: 08-10 years

Qualifications

1. Engineering graduate - preferably B.E. /B tech in I.T or Computer Engineering

Mandatory Certification

1. SC-200: Microsoft Security Operations Analyst
2. BLT1: Blue Team Level 1
3. GCIH or GCFE/GCFA (or equivalent to IR credential)

Good to have

1. CISSP/CISM

Tools & Technologies

1. SIEM platform: Microsoft Sentinel, QRadar or Splunk/ELK
2. EDR platform: CrowdStrike and/or Defender
3. Large enterprise or critical infrastructure with IT/OT boundaries

Good to have

Logic Apps, SOAR platforms, Threat intel platforms (MISP / OpenCTI)

Automotive or manufacturing, OT/ICS security, experience in 24/7 SOC

Additional Information

Support Hours 24x7 to be followed

At our organization, we are committed to fighting against all forms of discrimination. We foster a work environment that is inclusive and respectful of all differences.

All of our positions are open to people with disabilities.