Senior Cyber Security Admin- L2

Job Title

Senior Cyber Security Admin- L2

Location

Delhi, Vadodara, Hyderabad

Reporting To

MIS Infrastructure & Operations Manager

Business Context

Transformer manufacturing organization with US production plants and India-based engineering/design operations. The environment includes enterprise IT, cloud platforms (Microsoft 365, Azure, AWS), multiple remote sites, and shopfloor/OT-connected systems under centralized governance.

Role Summary

The Senior Cyber Security Administrator is responsible for the secure, reliable, and compliant operation of on-premises, cloud, endpoint, network, and shopfloor-connected systems. This role owns day-to-day cybersecurity operations, vulnerability management, incident response, patch governance, security awareness, and continuous improvement of the organizations security posture across IT and OT environments.

Key Responsibilities

A. Security Strategy & Governance

Define, implement, and enforce cybersecurity policies, standards, SOPs, and access controls aligned with industry best practices and NIST frameworks.

Drive security architecture improvements, system hardening, segmentation, and control tuning.

Track emerging threats, advisories, and vulnerabilities; recommend risk-based mitigation strategies.

B. Security Operations (IT & OT)

Deploy, manage, and maintain security controls including firewalls, IDS/IPS, endpoint AV/EDR, email security, encryption/PKI, logging, and secure baselines.

Monitor and analyze logs from servers, endpoints, firewalls, and applications; investigate anomalies and lead remediation efforts.

Manage identity and access controls across AD/Entra ID, privileged access, and periodic access reviews.

Coordinate network security changes (LAN/WAN, VPN, Wi-Fi, segmentation) with Network and Plant IT teams.

Provide on-call support for high-priority security incidents impacting production or business operations.

C. Vulnerability Management & Patch Governance

Plan and execute Vulnerability Assessment and Penetration Testing (VA/PT) across servers, endpoints, networks, web applications, cloud workloads, and applicable shopfloor systems.

Track findings to closure using risk-based prioritization and validate post-remediation effectiveness.

Own security patch management for Microsoft and third-party platforms; coordinate maintenance windows to minimize manufacturing impact and track compliance.

D. Incident Response & Recovery

Lead site-level and enterprise incident response activities including triage, containment, eradication, recovery, and RCA.

Implement corrective and preventive actions, validate controls, and update runbooks and DR procedures.

Support and periodically test Disaster Recovery and Business Continuity plans.

E. Cloud & Platform Security

Secure Microsoft 365 and Azure environments: Conditional Access, Defender suite, Secure Baselines, Intune/MDM, and email protection.

Manage AWS security controls including IAM, security groups, logging, KMS, and vulnerability workflows.

Ensure protection of data at rest and in transit across on-prem and cloud environments.

F. Awareness, Audit & Reporting

Design and deliver cybersecurity awareness programs, including phishing simulations, with measurable outcomes.

Support internal and external audits; ensure compliance with security and governance requirements.

Produce periodic cybersecurity reports covering incidents, vulnerabilities, patch status, and risk posture.

Maintain accurate documentation: runbooks, diagrams, asset inventories, and security baselines.

G. Leadership & Collaboration

Drive Jira-based security ticket management with clear ownership, SLAs, and escalation paths.

Mentor junior team members and work closely with Infrastructure, Network, Cloud, and Application teams to embed security into operations and projects.

Tools & Environment (Indicative)

Email security: Mimecast or equivalent

Endpoint security: AV / EDR / Device Control

Microsoft security: Defender suite, Entra ID, Intune, Conditional Access

Vulnerability management: Tenable / Qualys / Rapid7 (or equivalent)

SIEM / logging platforms

Patch management: WSUS, SCCM, Intune, third-party patching

Ticketing: Jira

Cloud platforms: Azure/M365 and AWS

Experience

Minimum 8+ years of experience in cybersecurity operations, governance, vulnerability management, and incident response within enterprise environments.

Education

Bachelors degree in engineering (BE/BTech) or Postgraduate degree in Computer Science, IT, Cybersecurity, or a related field.

Equivalent professional experience may be considered.

Certifications

CISA or CISM preferred.

Strong alignment or practical experience with NIST security frameworks is required.

CISSP, Security+, CEH, Microsoft or AWS Security certifications are a strong advantage.

Technical & Professional Skills

Strong hands-on expertise with firewalls, IDS/IPS, AV/EDR, encryption, vulnerability management, and secure configurations.

Solid understanding of TCP/IP, networking, VPNs, and segmentation.

Experience with Windows Server, AD/Entra ID, Microsoft 365, Azure, and AWS.

Exposure to manufacturing or OT security environments is a plus.

Personal Attributes

Proactive and risk-focused mindset with strong analytical skills.

Clear communicator with the ability to work across technical and non-technical teams.

Highly organized, detail-oriented, and capable of owning outcomes under pressure.