✈️ Reach Thousands of Aviation & Aerospace Professionals for Just $249 — Post in 3 Minutes

SOC Operations

Air India • Gurugram, HO • 2d ago

Job Purpose

· Ensure the day-to-day operations and maintenance of the organization's cyber security infrastructure and controls to protect systems, networks, and data. Drive coverage and effectiveness of security operations, manage deployed solutions at optimum security, availability, performance, and capacity, and ensure continuous compliance with regulatory requirements and security frameworks.

Key Accountabilities

Operational Activities

Ensure day-to-day operations and maintenance of the organization's cyber security infrastructure and controls to protect systems, networks, and data.
Ensure coverage and effectiveness of security operations and deployed solutions.
Ensure optimum security, availability, performance, and capacity of security solutions under management.
Maintain up-to-date documentation – SOPs, architecture diagrams, etc. to remove dependency on people.
Manage configuration changes and deployments according to established change management processes, ensuring minimal disruption and adherence to best practices.
Ensure hardening, latest stable version, and security patches of security devices and solutions.
Track EOL/EOS and ensure there is no technology obsolescence.
Ensure resolution of incidents and outages, coordinating with internal teams and external vendors to restore service within agreed-upon SLAs.
Manage escalations and run smooth operations of security solutions; ensure relevant processes are followed for change, incident, and daily operations.
Identify and analyse pain areas in existing security operations and implement improvements.
Manage operational issues which require design/technical inputs.
Ensure compliance with regulatory requirements, security policies, and security frameworks such as ISO 27001, NIST, or CIS.
Publish relevant dashboards and status updates.
Exposure in brand monitoring, dark web/deep web monitoring with multi-tool solution.
Exposure in enterprise-level solution architecture and implementation.

Any other additional responsibility could be assigned to the role holder from time to time as a standalone project or regular work. The same would be suitably represented in the Primary responsibilities and agreed between the incumbent, reporting officer and HR.

Skills Required for the role

Multi-Cloud Security Operations	SIEM / SOAR / SOC Operations
Incident Response & Threat Management	Network & Endpoint Security (NGFW, NGIPS, WAF, DLP, NAC, MFA)
Security Frameworks (ISO 27001, NIST, CIS)	ITIL / ITSM Practices

D. Educational and Experience Requirements

Minimum Education Requirement	Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Equivalent work experience may be considered.
	Minimum Requirement	Desired
Experience	4–8 years of security operation experience in multi-cloud platforms, including: Sound experience managing security technologies and operations in large and complex environments Strong knowledge of various security technologies: Anti-malware, ATP, APT, Sandboxing, Secure Proxy, Endpoint Security, PIM, DDoS, WAF, MDM, DLP, NAC, MFA, NGFW, NGIPS, VPN, SIEM, SOAR, SOC · Solid understanding of encryption technologies, authentication & access control, intrusion detection, and incident response	Master's degree in Cybersecurity, Information Assurance, or related discipline. Exposure in handling incident response and cyber crisis management Experience with brand monitoring and dark web / deep web monitoring Strong problem-solving and leadership abilities Fluency in written and spoken English
Certification	Any recognized cyber/IT security certification relevant to the domain.	MS Sentinel, SC 200, SC 900 QRadar, Splunk, or QROC ITIL Foundation or higher