Talent.com
This job offer is not available in your country.
SOC Head

SOC Head

IDFC FIRST Banknavi mumbai, maharashtra, in
8 hours ago
Job description

Responsible for managing the end-to-end operations and strategic evolution of our Security Operations Centre (SOC), Threat Hunting & Incident Response, Threat Intelligence, Digital Forensics, and Security Automation functions.

This is a senior role crucial to the bank’s cyber resilience, regulatory compliance, and defence modernization initiatives.

Key Responsibilities

1. Security Operations Centre (SOC) Leadership

  • Lead and oversee 24x7 operations of the bank’s internal SOC, including detection engineering, alert triage, and analyst response workflows.
  • Ensure effective monitoring across IT, cloud, SaaS, and endpoint telemetry sources through integration of SIEM, SOAR, EDR, TIP, NDR etc.
  • Continuously optimize detection use cases aligned to MITRE ATT&CK and reduce false positives via correlation logic and contextual enrichment.

2. SOAR Implementation & Security Automation

  • Own the design, deployment, and maintenance of a Security Orchestration, Automation, and Response (SOAR) platform.
  • Automate repetitive incident response workflows (phishing, malware, insider threat, account compromise, etc.).
  • Integrate SOAR with SIEM, TIP, ticketing, and ITSM platforms to enable closed-loop automation and reduce MTTR.

    • 3. Threat Intelligence (TI) Management

  • Establish and manage the threat intelligence program leveraging both commercial and open-source threat feeds.
  • Operationalize threat intelligence for proactive detection, threat actor profiling, IOC enrichment, and fraud prevention.
  • Ensure real-time ingestion, enrichment, and distribution of intelligence to SOC, vulnerability management, and fraud teams.

    • 4. Incident Response & Crisis Management

  • Lead the bank’s incident response program including planning, investigation, containment, and recovery for cyber incidents.
  • Maintain and regularly test incident response plans through tabletop exercises and simulations.
  • Interface with executive management, legal, risk, and regulators during security incidents.
  • Ensure RCA and incident lessons learned are tracked, reported, and addressed.

    • 5. Digital Forensics & Investigation

  • Lead forensic investigations involving endpoints, servers, insider threats, and data breaches.
  • Implement forensic toolkits and processes for evidence collection, chain of custody, and root cause analysis.
  • Work with legal and compliance teams during fraud, litigation, or regulatory investigations.
  • Run Table Tops with senior management to measure effectiveness of crisis management plan.

    • 6. Regulatory Compliance & Audit Support

  • Ensure adherence to regulatory requirements from RBI, SEBI, IRDAI, CERT-In, and other national regulators.
  • Maintain evidence repositories and documentation for compliance audits, incident reporting, and forensic readiness.
  • Map cyber defense controls to frameworks like NIST CSF, ISO 27001, and the RBI Cyber Security Framework.
  • Respond to regulatory inspections, reviews, and industry-wide cybersecurity drills.

    • 7. Threat Hunting & Use Case Engineering

  • Drive proactive threat hunting campaigns based on TTPs, behavior anomalies, and threat intelligence.
  • Identify gaps in existing controls and coordinate with SOC engineering teams to develop new use cases.
  • Regularly evaluate and improve detection content using MITRE ATT&CK, Sigma rules, and custom scripts.

    • 8. Technology Modernization & Innovation

  • Evaluate and onboard modern technologies like XDR, UEBA, cloud-native SOC, and AI / ML-driven detections.
  • Guide the transformation of the SOC to address modern threats including AI misuse, cloud compromise, and SaaS security risks.
  • Collaborate with architecture and application teams to ensure secure design and telemetry readiness across digital transformation initiatives.

    • 9. Team Leadership & Vendor Governance

  • Build and lead a multidisciplinary cyber defense team including SOC analysts, threat hunters, forensic specialists, and automation engineers.
  • Encourage and ensure upskilling of team using technology solutions like cyber range.
  • Define clear KPIs for SOC performance (MTTD, MTTR, false positive rate, automation coverage).
  • Manage and govern security operations vendors, MSSPs, TIP providers, and forensic labs as required.
    • Create a job alert for this search

    Soc • navi mumbai, maharashtra, in