This role is for one of the Weekday's clients
Salary range: Rs 1500000 - Rs 4500000 (ie INR 15-45 LPA)
Min Experience: 4 years
Location: Remote (India)
JobType: full-time
We are seeking a highly skilled and proactive Security Lead to strengthen our cybersecurity operations and drive the implementation, optimization, and management of advanced security monitoring and response capabilities. This role is ideal for professionals with strong hands-on experience in SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) platforms, combined with leadership capabilities and a strategic mindset.
As a Security Lead, you will be responsible for designing, managing, and continuously improving security operations, ensuring effective threat detection, incident response, and automation across the organization. You will play a critical role in safeguarding enterprise systems, data, and infrastructure against evolving cyber threats.
Requirements
Key Responsibilities:
- Lead the implementation, configuration, and optimization of SIEM platforms to enable real-time monitoring, correlation, and analysis of security events.
- Design and deploy SOAR solutions to automate incident response workflows, reduce response time, and improve operational efficiency.
- Develop and maintain use cases, detection rules, dashboards, and alerts within SIEM systems aligned with current threat landscapes.
- Integrate multiple security tools (EDR, IDS/IPS, firewalls, cloud security tools) with SIEM/SOAR platforms for centralized visibility and response.
- Oversee security incident detection, triage, investigation, and remediation processes.
- Lead incident response efforts, including root cause analysis, containment, eradication, and recovery.
- Continuously refine playbooks and runbooks for automated and manual response processes.
- Collaborate with cross-functional teams including IT, DevOps, and compliance teams to ensure robust security controls.
- Mentor and guide junior security analysts and engineers, fostering a strong security culture.
- Stay updated with emerging threats, vulnerabilities, and industry best practices to enhance detection and response capabilities.
Required Skills & Qualifications:
- 4–14 years of experience in cybersecurity, with significant exposure to Security Operations Center (SOC) environments.
- Strong hands-on experience with leading SIEM tools (e.g., Splunk, QRadar, ArcSight, ELK).
- Proven expertise in implementing and managing SOAR platforms (e.g., Cortex XSOAR, Splunk Phantom, IBM Resilient).
- Solid understanding of log analysis, event correlation, and threat detection techniques.
- Experience in creating and tuning SIEM correlation rules and SOAR playbooks.
- Knowledge of common attack frameworks such as MITRE ATT&CK.
- Familiarity with scripting or automation (Python, PowerShell, or similar) is a strong advantage.
- Good understanding of network security, endpoint security, cloud security, and identity management.
- Strong analytical, problem-solving, and decision-making skills.
Preferred Qualifications:
- Certifications such as CISSP, CISM, CEH, or GIAC are a plus.
- Experience working in cloud environments (AWS, Azure, or GCP) with integrated security monitoring.
- Prior experience in leading SOC teams or managing security operations.
