Bestkaam Logo
Back to Jobs
CrossTab IT Consulting

AVP Cybersecurity (SOC)

Actively Reviewing

CrossTab IT Consulting

Mumbai Full-Time 10–20 yrs exp Posted 10 hours ago  · Apply by Sep 14, 2026

Leadership & Collaboration

  • Lead and mentor SOC analysts and contractors, fostering a high-performance, growth-oriented culture.
  • Build strong working relationships across Cybersecurity, Technology, and Business teams to support global operations.
  • Act as an escalation point during major incidents, providing clear direction and timely communication.
  • Provide technical leadership during complex investigations, guiding analysts through attacker‑driven scenarios.

Security Operations & Incident Response

  • Oversee monitoring, triage, investigation, and response to security events across a global environment.
  • Direct end-to-end incident response activities and ensure high quality documentation and reporting.
  • Conduct proactive threat hunting to identify emerging risks and detection gaps.
  • Perform deep dive analysis using endpoint telemetry, network forensics, and memory artifacts when required.
  • Apply offensive security thinking to anticipate attacker behavior and strengthen detection engineering.

Operational Maturity & Process Improvement

  • Maintain and enhance SOC use cases, detection logic, runbooks, and playbooks.
  • Continuously tune alerts to improve fidelity and reduce noise.
  • Ensure detection logic is mapped to MITRE ATT&CK and reflects current adversary TTPs.
  • Lead incident simulations and postmortems, driving measurable improvements in SOC performance.
  • Develop metrics and dashboards to communicate risk posture and operational effectiveness.
  • Develop and manage shift schedules to ensure consistent 24/7 operational coverage.

Automation, Tooling & Advanced Capabilities

  • Partner with Security Platform Engineering and drive SOAR automation to streamline workflows and enable analysts to focus on advanced investigations.
  • Partner with Security Engineering to optimize tools, improve detection coverage, and enhance response capabilities.
  • Collaborate with Threat Intelligence and Assessment teams to strengthen monitoring and accelerate autonomous response.

Governance, Reporting & Threat Awareness

  • Prepare concise, actionable reports for leadership on incidents, trends, and recommended improvements.
  • Stay current with global threat developments and translate insights into operational enhancements.
  • Ensure alignment with internal policies and financial-sector regulatory expectations.

qualifications

Education:

  • Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field; equivalent professional experience considered.
  • Industry-recognized certifications such as GSEC, GCIA, CISSP, OSCP, CEH, or similar are advantageous.
  • Offensive security certifications such as OSEP, OSWE, GXPN, or CREST are highly desirable.
  • Advanced training in incident response, threat hunting, or digital forensics is a plus.
  • Training in malware analysis, exploit development fundamentals, or adversary simulation is a strong advantage.

Experience Required:

  • 10+ years of experience in enterprise cybersecurity or within a reputable security consulting/managed services organization.
  • 7+ years of hands-on experience in a Security Operations Center (SOC) supporting large-scale, complex environments.
  • Proven experience leading and developing technical teams, including performance management and mentoring.
  • Demonstrated success managing 24x7 operational environments and shift-based teams.
  • Strong background in incident response, including chain of custody processes, forensic tools, and structured investigation methodologies.
  • Practical experience with SOAR platforms and automation workflows; ability to drive efficiency through orchestration.
  • Experience with threat hunting methodologies, behavioral analytics, and detection engineering is preferred.
  • Prior exposure to financial services, regulatory expectations, or high security environments is highly desirable.