Talent.com
Cybersecurity Incident Response Team Lead
Sanganan IT Solutions Pvt Ltd. • Noida, Republic Of India, IN
30+ days ago
Job description

Job Title : Team Lead - Security Operations Center (SoC)

Location : Noida / Singapore Office

  • WORK FROM NOIDA OFFICE, PLEASE DON'T APPLY IF YOU ARE LOOKING FOR HYBRID OR WORK FROM HOME
  • Short notice period or immediate joiners are preferred.

Job Overview :

As the SOC Team Lead, you will oversee the daily operations and strategic direction of a multi-tiered Security Operations Center comprising Level 1, Level 2, and Level 3 SOC Analysts. You will ensure delivery of high-quality monitoring, detection, response, and threat intelligence services across internal and MSSP customer environments. In this leadership role, you’ll be responsible for analyst performance, escalation handling, service delivery compliance, and technical excellence. You will also lead the coordination of quarterly incident response exercises, customer reporting, and continuous process improvement initiatives.

This position plays a pivotal role in bridging tactical SOC operations and strategic business outcomes, reporting to the SOC Manager or Head of Cybersecurity Services.

Key Responsibilities :

1. Team Leadership & Tiered Analyst Management

  • Lead and supervise the SOC team across L1 (Monitoring / Triage), L2 (Investigation / Response), and L3 (Threat Hunting / Engineering) functions.
  • Set clear roles, escalation workflows, and KPIs across tiers; ensure consistent coverage, shift rotations, and SLA adherence.
  • Conduct regular performance reviews and targeted skill gap analysis.
  • Promote collaboration, accountability, and continuous learning across junior and senior analysts.
  • Foster readiness to handle high-severity security events through coaching and simulated training.

2. SOC Operations Oversight

  • Act as the final escalation point for critical, complex, or ambiguous incidents that exceed Level 3 thresholds.
  • Ensure effective triage, investigation, containment, and recovery workflows across all incident types.
  • Support 24 / 7 monitoring operations, ensuring shift efficiency, proper documentation, and accurate escalation.
  • Oversee the tuning and effectiveness of detection content, ensuring false positive reduction and high-fidelity alerting.

3. Customer Reporting & MSSP Service Quality

  • Ensure timely delivery of Weekly Threat Intelligence Digests, Biweekly Alert Tuning Reports, and Monthly / Quarterly MSSP Reports.
  • Review and validate customer-facing deliverables for accuracy, quality, and insight.
  • Lead or support monthly service review meetings and quarterly executive briefings with MSSP clients.
  • Track and report SOC performance against SLA / KPI metrics such as MTTD, MTTR, FPR, and escalation compliance.

4. Incident Response Tabletop & Planning

  • Lead planning, execution, and reporting of Quarterly Incident Response Tabletop Exercises across MSSP environments.
  • Collaborate with stakeholders from technical, compliance, and business functions to simulate realistic attack scenarios.
  • Ensure deliverables include scenario documentation, participant actions, gaps identified, and remediation plans.

5. Process Development & Optimization

  • Own the development, maintenance, and continuous improvement of SOC playbooks, SOPs, and runbooks across tiers.
  • Align SOC processes with customer onboarding requirements (log source validation, escalation matrix, SLA definitions, tooling integration).
  • Drive change control and governance for detection rule updates, log onboarding, and tooling enhancements.

6. Threat Intelligence & Strategic Defense

  • Collaborate with L3 analysts to ensure threat intelligence is operationalized into detection content and hunt scenarios.
  • Stay informed on industry trends, APT groups, and emerging TTPs, ensuring the SOC adapts proactively.

Required Skills & Qualifications :

1. Education :

  • Bachelor’s degree in Information Security, Computer Science, or a related technical field.
  • Postgraduate education or executive leadership courses are advantageous.

2. Certifications :

  • Required : Microsoft Certified : Security Operations Analyst Associate.
  • Preferred :
    o CompTIA CySA+, CISSP, or equivalent certifications.
    o GIAC (e.g., GCIA, GCIH, GMON)
    o CISSP or CISM
    o ITIL Foundation or service management certifications
    o English Language Proficiency : IELTS (6.5+), TOEIC (800+), TOEFL (90+), or BEC Vantage

3. Technical Skills :

  • Advanced knowledge of Microsoft Sentinel, KQL, and SOAR workflows.
  • Deep understanding of incident response, MITRE ATT&CK, threat intelligence, and SOC toolchains (EDR, UEBA, TIPs).
  • Familiarity with multi-tenant MSSP platforms, SIEM tuning, and SOC metrics reporting.
  • Knowledge of log source onboarding, change control processes, and secure communication protocols.

4. Leadership & Soft Skills :

  • Strong leadership, coaching, and delegation skills across junior and senior technical roles.
  • Proven ability to translate technical findings into business-relevant impact.
  • Excellent communication and documentation skills for both technical teams and C-level stakeholders.
  • Organized, resilient, and calm under pressure, especially during major incident escalations and executive briefings.

Experience :

  • 8-10+ years in cybersecurity or SOC operations, including 3-5+ years in a leadership role.
  • Prior experience managing multi-tier SOC teams or leading detection and response operations in an MSSP is highly preferred.