Sr Lead - Captive Operations

Job Description

About The Company Tata Communications Redefines Connectivity with Innovation and IntelligenceDriving the next level of intelligence powered by Cloud, Mobility, Internet of Things, Collaboration, Security, Media services and Network services, we at Tata Communications are envisaging a New World of Communications Job Description L3 SOC Analyst ? Team Lead (24x7 Operations) Location: Hyderabad Experience Required Minimum 9 years of relevant experience with BCA/BSc-IT, or Minimum 7 years of relevant experience with BE/B.Tech/MCA Certifications Mandatory: CEH (Certified Ethical Hacker) and/or CHFI (Computer Hacking Forensic Investigator) Plus at least one additional certification from the following (or as per organizational requirement): CISSP, CISM, OSCP, GCIA, GCIH, etc. Key Responsibilities Team & Operations Management: Lead and manage a 24x7 Security Operations Center (SOC) team including L1 and L2 analysts Review L2 team activities regularly; ensure automation of routine and repetitive tasks Act as the escalation point for all SOC-related incidents across L1/L2/L3 teams Enforce adherence to SLA compliance and service quality parameters as defined by HPCL Provide on-the-job training and mentoring to the HPCL SOC team Prepare and deliver executive-level reports and presentations on SOC metrics, capabilities, and roadmap Threat Management & Use Case Development Conduct threat modeling for HPCL assets; define detection use cases based on threat vectors Improve accuracy of detection, reduce false positives, and enhance content development in SIEM Perform and mature threat hunting, threat intel analysis, and proactive monitoring Define and manage incident response plans, including response optimization and forensic support Technology Expertise Deep knowledge and hands-on experience in: ArcSight SIEM ? advanced queries, rule tuning, dashboard/reports optimization SOAR ? automating incident response, vulnerability management, and ticket workflows UEBA ? user behavior analytics, anomaly detection and response Manage log ingestion, parsing, and normalization from diverse log sources Ensure synchronization and operational readiness of DC and DR environments Participate in and support Disaster Recovery (DR) tests, Cyber Drills, and Tabletop Exercises Conduct regular reviews and change management for Standard Operating Procedures (SOPs) Assess technology configurations against global security standards and recommend improvements Define and track a maturity roadmap for SOC technologies and processes Assist in vulnerability management, including patching, upgrades, and remediation tracking Strong understanding of: Windows Event Logs, Linux system logs, and log correlation techniques Threat Intelligence platforms and integration with SIEM/SOAR Skilled in log analysis, incident triage, and advanced threat detection techniques Experience in developing custom rules, dashboards, and automated response playbooks Soft Skills Excellent communication, report writing, and presentation skills Proficiency in Microsoft Word, Excel, PowerPoint for executive reporting and documentation Ability to work under pressure, manage critical incidents, and support multiple stakeholders Preferred Qualifications Prior experience leading SOC operations for enterprise environments or public sector Experience in regulated industries or familiarity with compliance standards (ISO 27001, NIST, etc.)