Job Description & How to Apply Below
Job Location: Mumbai (Andheri)
Years of Experience: 7+
Mandatory Skill sets:
Log Parsing, API Integration, DAM Guardium, QNI, REST API Integration, SOAR
Key Responsibilities
1. Security Monitoring & Threat Detection
Monitor trading and clearing platforms, APIs, and connectivity gateways for anomalies, misconfigurations, and security vulnerabilities.
Support and maintain UAT and Production SIEM/DAM environments across DC & DR.
Continuously monitor for threats using SIEM, network telemetry, behavioral analytics, and log intelligence.
Integrate and manage SIEM, SOAR, XDR, IDS/IPS, UEBA, and threat intelligence feeds for end-to-end visibility.
2. Threat Intelligence & Incident Response
Track zero-day vulnerabilities, emerging cyber threats, and APT campaigns targeting financial markets.
Lead incident triage, in-depth investigation, containment, eradication, and recovery.
Perform root cause analysis and conduct post-incident reviews to prevent recurrence.
Coordinate critical incidents with regulatory authorities like SEBI, CERT-In, and RBI, and liaise with law enforcement when required.
Conduct red/blue team exercises, tabletop simulations, and cyber drills to assess cyber-resilience.
3. SOC Operations & Platform Optimization
Manage and optimize SOC tools, analytics engines, dashboards, correlation rules, and alerting logic.
Drive automation using SOAR playbooks, ML-based anomaly detection, and custom scripts to reduce MTTR.
Collaborate with NOC, fraud monitoring, IT operations, and BCP/DR teams for holistic enterprise-wide resilience.
Ensure forensic readiness, proper log management, and retention as per regulatory standards.
4. Compliance, Governance & Regulatory Reporting
Support regulatory reporting and ensure adherence to guidelines mandated by SEBI, CERT-In, and RBI.
Implement and run proactive threat-hunting programs to identify threats before exploitation.
Work with architecture and engineering teams to continuously enhance detection and prevention controls.
Develop and maintain SOC policies, SOPs, runbooks, and incident response playbooks following industry best practices.
Implement and maintain a SOC Maturity Roadmap to strengthen detection, response, and recovery capabilities.
Required Skills & Experience
Minimum 6 years of hands-on experience with IBM QRadar (administration, rule tuning, log onboarding, dashboards, AQL, DSM, correlation logic, performance optimization).
Strong experience in SIEM/SOC operations, incident response, and threat detection.
Understanding of financial-services threat landscape, especially around trading/clearing systems.
Experience with SOAR, XDR, IDS/IPS, UEBA, threat intelligence, and other SOC ecosystem tools.
Ability to engage with regulators and manage major incidents in compliance-heavy environments.
Strong analytical thinking, problem-solving skills, and communication abilities.