Principal Information Security Specialist

About The Position

Requirements

• Bachelor's degree in computer science, Cybersecurity, Information Technology, or related fields with 8-12 years' experience in Information Security with at least 3-5 years in a SOC Leadership.
• Strong knowledge of security technology areas like Security Operations Center, Incident Response, Threat Intelligence, Digital Forensics, Threat Hunting, Malware Analysis etc.
• Proven experience in handling security events in mission critical environments, hands-on troubleshooting, analysis, and technical expertise to guide team members in resolution of incidents as per agreed SLA.
• Hands-on experience with MITRE ATT&K, incident response frameworks such as NIST and SANS.
• Sound knowledge of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection).
• Should have sound knowledge of SIEM/EDR/Data Lake/UEBA such as ArcSight, QRadar, Elastic search, SOAR etc. and help team in investigating security issues and/or complex operational issues.
• Should have experienced in the Usecase management lifecycle and stay updated with New Threat threats to integrate in SOC monitoring.
• Should have previous experience in solving day-to-day operational processes such as security monitoring, data correlation, security operations and cloud monitoring would be add-on.
• Experience in implementing and monitoring Cloud Security controls for AWS and Azure cloud.
• Advanced knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases).
• Good organization, communication, and coordination skills are essential for this position.
• This job requires managing projects and delivering services so experience in either project management or ITIL service management is desired.

Nice To Haves

• Any security certifications, such as: GCIH, CISSP, CISM, Security+, CEH, CCSK, or similar industry recognized certifications.
• Project management certifications, such as PMP, Prince2, or CSM.
• Other best-practice IT certifications such as ITIL or COBIT.
• Knowledge of controls frameworks such as NIST CSF, NIST SP 800-53, ISO 27001/2, CIS, and FISC.
• Experience working in a global team.

Responsibilities

• Lead and manage a team of SOC analysts across various shifts, ensuring 24x7 operational coverage.
• Oversee the monitoring, detection, analysis, and response to cyber threats, incidents and vulnerabilities.
• Establish, document, and refine SOC processes, playbooks, and workflows for consistent and effective response.
• Manage Global and Regional stakeholder, Business Units, SOC services Expansion at group level and Manage Compliance to Global and regional regulators DORA, MAS.
• Coordinate with internal IT, legal, compliance risk, and external stakeholders during security incidents and investigations.
• Drive use case development, detection tuning, and threat hunting initiatives using SIEM, SOAR, and threat Intelligence platforms.
• Implementation of SOC control objectives and drive continuous improvement to SOC Metrics.
• Ensure SOC performance through KPIs, SLAs, and continuous service improvement initiatives.
• Perform regular threat modeling, incident simulations (tabletop exercises), and post-incident reviews.
• Evaluate and recommend new tools, services, capabilities to improve SOC effectiveness.
• Ensure compliance with relevant security standards (e.g., ISO 27001, NIST, GDPR, etc.).
• Mentor and develop SOC team members through coaching, training, and career development plans.
• Support internal and external audit by providing necessary evidences and documentation.
• Create, develop, and manage tools and scripts/process to assist in the monitoring of cyber risk, intelligence sources, and automation of processes.
• Develop metrics and reporting programs for senior leadership.
• Project management of Intelligence Lifecycle, including documentation.
• Occasional off-hours and weekend work required.