Talent.com
This job offer is not available in your country.
Infosec - Technical Lead

Infosec - Technical Lead

ConfidentialHyderabad / Secunderabad, Telangana
30+ days ago
Job description

POSITION RESPONSIBILITIES

Percent of Time : 100%

  • Review and oversee 24 / 7 / 365 SOC operations, ensuring efficient threat detection, triaging, response, and remediation. Collaborate closely with Threat Intelligence, Vulnerability Management, and Incident Response teams to proactively mitigate emerging threats and vulnerabilities.
  • Provide hands-on leadership to a team of L1 and L2 security analysts and engineers, mentoring them in technical execution, incident analysis, and security tooling optimization to drive operational excellence across Security Operations, Vulnerability Management, and Data Protection.
  • Develop and maintain security reporting, KPIs, and dashboards for senior leadership, providing technical insights into SOC, Vulnerability Management, DLP, CASB, OT Security, and Threat Intelligence performance while continuously identifying areas for improvement.
  • Lead all technical aspects of security incident investigations within the SOC, ensuring rapid containment, remediation, and recovery while working in collaboration with Threat Intelligence, OT Security, and DLP teams to mitigate risks across IT and OT environments.
  • Conduct root cause analysis and forensic investigations, working with the IR / SOC team to refine detection methodologies, improve response workflows, and prevent future security incidents.
  • Develop and enhance security policies, procedures, and playbooks, focusing on standardizing technical operations across Security Operations, Data Protection, Vulnerability Management, and OT Security, ensuring alignment with industry best practices.
  • Oversee the deployment, integration, and continuous tuning of security technologies such as SIEM, EDR, SOAR, and DLP / CASB, ensuring optimal configuration to support threat detection, response, and data protection initiatives.
  • Enhance SIEM content development, creating high-fidelity alerts that align with SOC, Threat Intelligence, and OT Security objectives, while optimizing alert tuning and reducing false positives.
  • Ensure effective log ingestion, correlation, and analysis from critical infrastructure, applications, cloud, and OT environments, enabling SOC teams to detect and respond to threats effectively.
  • Lead technical integrations between SIEM, EDR, SOAR, threat intelligence platforms, and DLP solutions, improving automated response, security visibility, and data protection measures.
  • Drive vulnerability scanning initiatives, collaborating with the Vulnerability Management lead to integrate findings into threat detection, risk mitigation, and remediation workflows.
  • Identify and implement automation opportunities, optimizing SOC workflows, security awareness, and remediation through SOAR and automation frameworks.
  • Improve threat hunting methodologies and detection engineering, leveraging insights from Threat Intelligence and SOC teams to enhance detection efficacy and response times.
  • Ensure seamless coordination with Threat Intelligence teams, integrating intelligence feeds into SIEM, SOAR, and EDR platforms to proactively detect and defend against emerging threats.
  • Collaborate with Zoetis leads and external vendors to conduct red / purple team exercises and tabletop simulations, working with SOC and Vulnerability Management teams to strengthen detection, response, and overall security preparedness.
  • Support Security Awareness initiatives, partnering with the Security Awareness team to drive phishing simulations, targeted security training, and awareness campaigns to improve end-user security behavior.
  • Work closely with IDAM, IT, Infrastructure, Cloud, and Networking teams to integrate security controls, enhance vulnerability remediation, and embed security best practices into system architecture and operations.
  • Evaluate and recommend new security tools and technologies, assessing their technical impact on SOC, Vulnerability Management, Threat Intelligence, and Data Protection strategies while ensuring seamless integration with existing security operations.

ORGANIZATIONAL RELATIONSHIPS

  • Take direction from the ZICC-based InfoSec Program Lead and US-Based Head of Information Security
  • Close interaction with the US-based InfoSec team
  • Part of global Technology Risk Management organization, reporting to CISO
  • Interacting with ZTD Infrastructure teams : Platform Services, IT Service Desk & Site Services, Global Network Services, and Digital Workplace Services
  • Interacting with external vendors or partners for software / services / API integrations
  • Collaboration with implementation partners for deployment and configuration of integrated solutions

    • Supervision :

    Approximately 25–30 ZICC colleague members of the InfoSec team.

    EDUCATION AND EXPERIENCE

    Education :

  • University Degree in Computer Science, Information Systems, Business Administration, or related field is required
  • A Master's degree or advanced certifications (e.g., CISSP, CISM, CRISC) desirable
  • Relevant certifications in infrastructure security and vendor tools (e.g., CrowdStrike, Palo Alto, Tenable, Symantec, Netskope, CASB) highly preferred

    • Experience :

  • 13+ years in Security Operations, engineering, and architecture
  • Proven leadership in SOC, Vulnerability Management, OT Security, DLP, and Awareness initiatives
  • Extensive experience with SIEM, EDR, SOAR, DLP, and platforms like CrowdStrike, FireEye, Palo Alto, Symantec, Netskope
  • Expertise in incident response, malware analysis, behavioral analytics
  • OT security experience in ICS, SCADA, and critical infrastructure
  • Data Loss Prevention program design and implementation
  • Experience with red / purple teaming, threat modeling, threat intelligence
  • Advanced experience in security automation, forensic investigation, and governance frameworks (ISO 27001, NIST, CIS)
  • Industry experience in regulated environments : pharmaceutical, healthcare, manufacturing

    • TECHNICAL SKILLS REQUIREMENTS

  • Expert-level analysis across SIEM, EDR, IDS / IPS, DLP, and vulnerability scanners
  • Proficient in SOAR implementation and automation frameworks
  • Experience with custom rule creation, anomaly detection, and threat behavior analytics
  • Knowledge of MITRE ATT&CK, Cyber Kill Chain, IOC / IOA enrichment
  • Strong in malware analysis, forensic triage, root cause analysis
  • SIEM and log management expertise using tools like CrowdStrike KQL, Cribl
  • Experience integrating and optimizing security platforms via APIs
  • Leadership in SOC governance, KPI tracking, playbook creation
  • Familiarity with risk-based authentication and identity-based threat defense
  • Strategic thinking in lifecycle management of tools (EDR, DLP, CASB)
  • Mentorship of global teams and cross-functional collaboration

    • PHYSICAL POSITION REQUIREMENTS

  • Availability to work between 1pm IST to 10pm IST (minimum 3 hours of overlap with US EST time zone)

    • Employment Type : Full Time

    Skills Required

    Vulnerability Management, Dlp, Cissp, Soc, Ot Security

    Create a job alert for this search

    Technical Lead • Hyderabad / Secunderabad, Telangana