SOC Lead/ Manager (BFSI Sector)

Protonlogics IT Solutions

5 - 10 years

Noida

Posted: 12/01/2026

Job Description

Fulltime Permanent Role

Locations : Sector 125, Noida (Onsite)


Department: Cybersecurity / Information Security


Position Overview

We are seeking an experienced Security Operations Center (SOC) Manager with strong technical and leadership skills suited for the BFSI sector. The candidate must have extensive experience in SOC operations, incident response, application and API security, DevOps security practices, and regulatory compliance. The role also requires mandatory knowledge of the SEBI Cyber Security and Cyber Resilience Framework (CSCRF), applicable to all Qualified REs.


Key Responsibilities

SOC Leadership & Operations

Lead end-to-end SOC operations including monitoring, alert triage, correlation, and incident response.

Manage and mentor L1/L2/L3 SOC analysts and ensure round-the-clock coverage.

Maintain and enhance SOC runbooks, escalation matrices, and response playbooks.

Drive continuous improvement in detection engineering, SOC tooling, and threat hunting.


Incident Management

Lead and coordinate incident response activities from detection to recovery.

Conduct root cause analysis and prepare regulatory-compliant incident reports.

Facilitate periodic cyber drills and tabletop exercises as mandated under CSCRF.

Liaise with IT, DevOps, Application Teams, and business functions during incidents affecting applications, APIs, or services.


Threat Intelligence & Monitoring

Integrate industry-specific threat intelligence focused on BFSI threat vectors.

Tune alerts and detections based on adversarial tactics (MITRE ATT&CK).

Perform proactive threat hunting across logs, applications, APIs, and networks.


Compliance & Regulatory Requirements (Mandatory SEBI CSCRF)

Access Control

Network Security

Application Security

Security Operations

Incident Response

Continuous Monitoring

Red Teaming/VA-PT

Party/Cloud Security


Technology & Platform Management

Manage SIEM, SOAR, EDR/XDR, UEBA, threat intel platforms, and logging infrastructure.

Ensure comprehensive log onboarding from applications, APIs, DevOps tools, and cloud workloads.

Enhance automation workflows using SOAR and AI-based detections.

Application, DevOps, and API Security (Mandatory)

Understanding of OWASP Top 10 and secure SDLC.

DevOps CI/CD pipeline security knowledge.

API security monitoring, OWASP API Top 10, gateway monitoring, token validation.

Experience with application logs, authentication, rate-limiting, and anomaly detection.


Reporting & Governance

Prepare dashboards, compliance reports, and incident summaries for leadership and regulators.

Maintain audit evidence and regulatory documentation.

Conduct lessons-learned and implement corrective actions.


Required Skills & Qualifications

Technical Skills

SOC operations, SIEM, SOAR, EDR/XDR, UEBA expertise.

Application security, API security, DevSecOps, cloud security knowledge.

Networking, firewalls, IDS/IPS, ZTNA, DNS security.


Regulatory Knowledge

SEBI CSCRF requirements for Qualified REs.

RBI cybersecurity guidelines, DPDP Act.

Experience preparing regulatory reports and compliance documents.


Leadership Skills

Strong team management and communication skills.

Ability to operate under pressure during major incidents.


Educational Requirements

Bachelor's degree in Computer Science or related field.

Preferred certifications: CEH, OSCP, GCIH, GCIA, CISSP, CCSP, CISM.
