Skip to main contentA logo with &quat;the muse&quat; in dark blue text.
BNY Mellon

Group Manager, Information Security

Chennai, India


Bring your ideas. Make history.
BNY Mellon offers an exciting array of future-forward careers at the intersection of business, finance, and technology. We are one of the world's top asset management and banking firms that manages trillions of dollars in assets, custody and/or administration. Known as the "bank of banks" - 97% of the world's top banks work with us as we lead and serve our customers into the new era of digital.

With over 238 years of rich history and industry firsts, BNY Mellon has been built upon our proven ability to evolve, lead, and drive new ideas at every turn. Today, we're approximately 50,000 employees across 35 countries with a culture that empowers you to grow, take risks, experiment and be yourself. This is what #LifeAtBNYMellon is all about.

Want more jobs like this?

Get Software Engineering jobs in Chennai, India delivered to your inbox every week.

By signing up, you agree to our Terms of Service & Privacy Policy.

We're seeking a future team member for the role of Group Manager Information Security to join our team. This role is located in Pune/Chennai - HYBRID/REMOTE

This position is for a Cybersecurity Operations Leader to supplement the firm's Cyber-Security Monitoring function, and who will act as a "working manager" to both:

(1) Directly supervise and manage a team of SOC Analysts covering 2 shifts (6a-3p and 12:30p-9:30p) and;

(2) regularly demonstrate technical thought leadership when engaging with the SOC Analysts and other Cyber Operations teams

Normal schedule: 45-50 hours, roughly from 9a-6p local + extra hours as required to complete assigned work, on-call duties, and other commitments.

On-Call Duties:
  • M-F: 6 hours daily as SOC Escalation Manager: mostly overlaps your normal workday, (e.g. 8a-2p)
  • Weekend: 48-hours as On-Call SOC Manager, approx. 15 weekends per year
  • Ad Hoc Emergency: 24x7x365 Incident Response On-Call duties.
This position is one of several Regional SOC Manager roles that work cooperatively to enable effective, follow-the-sun Security Monitoring operations reporting directly to the Global SOC Manager.

The supervisory aspects of the role will include but are not limited to responsibility for goal-setting and performance review of staff, staff engagement, training & retention, member scheduling and leave management, expense processing, and workflow, procedure & documentation requirements definition.

The technical thought leadership aspects of the role include (but are not limited to) encouraging and influencing the team, developing formal processes to enable and ensure the effective combination of team, tools and process with regard to incident triage workflow.

The overall team scope includes:
  • Manage proper escalation of potential incidents, meeting SLAs and accuracy goals; provide investigative support to other Cyber Operations teams (such as Incident Response, Forensics and Threat Intelligence); ensure accuracy of team annotation in cases and all systems of record.
  • Execute and improve evidence-based investigation case notation, process, and attachments, including analysis of network data (e.g., packets, logs), endpoint data (e.g., logs, malicious artifacts) in both structured and unstructured formats, available contextual data (e.g. entitlements, asset inventory) and metadata.
  • Engage, improve, and promote best-practices with regard to ongoing reports from SOC analysts. Distill relevant information related to reports and findings and manage appropriate escalation/communications to the Global SOC Manager, Head of Cybersecurity Operations & Resiliency, and the Chief Information Security Officer (CISO).
  • Actively support and coordinate with Cybersecurity Leadership / Information Security department on regional priorities including presentation development and Security Monitoring service delivery.
  • Execute assigned and identified improvement areas related to reporting and metrics related to Security Monitoring team output by designing dashboards for management review and asset owners.
  • Support the SOC Audit Response Team in creating redacted evidentiary artifacts when needed to ensure all audit requests are delivered accurately and on time.
  • Work with business-internal application, technology, engineering, and infrastructure owners to expand the scope of log and use case coverage of the Security Monitoring service based on business need and changes in threat landscape.
  • Pursue ongoing coverage, quality, and documentation goals with regard to SIEM log ingestion, enrichment, modeling, and correlation; escalate and coordinate log issues to the relevant cyber engineering teams.
  • Work closely with the use case development team members to progress strategic and tactical use cases (alert detection rules) according to industry best practices, threat models, and constantly changing attack vectors.
  • Ensure the development of Security Orchestration, Automation and Response (SOAR) playbooks to automate and streamline repeatable triage and investigation actions.
  • Provide feedback to security control owners to help tune their environments based on the results of triage and investigations.
  • Enthusiastically work to improve the quality of Security Monitoring operations.
  • Contribute and guide the quality documentation of process and procedures related to team collaboration and security event triage and incident response workflow.
  • Ensure the team develops training and technical knowledge of Cyber Next Generation Technologies with a particular focus on Security Monitoring in Public Cloud & Digital Assets
Critical Requirement:
  • Prior Security Operations management experience: specifically, responsibility for SIEM correlated-event monitoring, triage, investigation, and escalations.
Core requirements:
  • 10-12 years of experience in information security management or related technology experience.
  • Bachelor's degree in computer science or a related discipline, or equivalent work experience required. Advanced degree preferred. Experience in the securities or financial services industry is a plus.
  • Strong verbal and written communication skills, including the ability to provide technical thought leadership on security incident investigation calls with other technology teams, and the ability to translate and simplify complex technical concepts for consumption by non-technical audiences.
Interviews will require a demonstrable fluency of:
  • SIEM technologies (Splunk, Security Essentials, SPL, Common Information Model & SE Datamodels)
  • Network technologies (NAC, ISD/IPS, WAF, Firewalls, Load Balancing, Switches/Routers, OSI model, IP layers 2-7, PCAP, Netflow, BGP ASN)
  • Server technologies (Mainframe, Linux/UNIX, Windows)
  • Endpoint technologies (Desktops, Laptops, VDI, Mobile)
  • Application protocols (DHCP, DNS, HTTP, TLS, LDAP, SOAP, MQ, REST, FTP, TN3270, etc.)
  • Authentication protocols (Kerberos, SiteMinder, JWT, OAUTH2)
  • Threat Frameworks (Mitre Att&ck, Lockheed-Martin CyberKillChain)
The ideal candidates will have additional knowledge in:
  • Audit & Regulatory Frameworks including but not limited to Swift CSP, SOC1/SOC2, ISO/IEC 27001, PCI DSS, NSYDFS, FFIEC, FINRA, CBEST, GDPR
  • SaaS services (O365,
  • Atlassian Products (Confluence, JIRA Software, JIRA Core)
  • Splunk, ML Toolkit, UBA
  • Service Now
  • Public Cloud (Azure, GCP, AWS)
  • Digital Assets
At BNY Mellon, our inclusive culture speaks for itself. Here's a few of our awards:
  • Fortune World's Most Admired Companies & Top 20 for Diversity and Inclusion
  • Bloomberg's Gender Equality Index (GEI)
  • Human Rights Campaign Foundation, 100% score Corporate Equality Index
  • Best Places to Work for Disability Inclusion , Disability: IN - 100% score
  • 100 Best Workplaces for Innovators, Fast Company
  • CDP's Climate Change 'A List'
Our Benefits:

BNY Mellon offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life's journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves that can support you and your family through moments that matter. BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans.

Employer Description:

For over 230 years, the people of BNY Mellon have been at the forefront of finance, expanding the financial markets while supporting investors throughout the investment lifecycle. BNY Mellon can act as a single point of contact for clients looking to create, trade, hold, manage, service, distribute or restructure investments and safeguards nearly one-fifth of the world's financial assets. BNY Mellon remains one of the safest, most trusted and admired companies. Every day our employees make their mark by helping clients better manage and service their financial assets around the world. Whether providing financial services for institutions, corporations or individual investors, clients count on the people of BNY Mellon across time zones and in 35 countries and more than 100 markets. It's the collective ambition, innovative thinking and exceptionally focused client service paired with a commitment to doing what is right that continues to set us apart. Make your mark:

Client-provided location(s): Chennai, Tamil Nadu, India
Job ID: BNY_Mellon-38051-OTHLOC-100002890196461
Employment Type: Other

Perks and Benefits

  • Health and Wellness

    • Health Insurance
    • Health Reimbursement Account
    • Dental Insurance
    • Vision Insurance
    • Life Insurance
    • Short-Term Disability
    • Long-Term Disability
    • FSA
    • HSA
    • HSA With Employer Contribution
  • Parental Benefits

    • Birth Parent or Maternity Leave
    • Non-Birth Parent or Paternity Leave
  • Work Flexibility

    • Flexible Work Hours
    • Remote Work Opportunities
  • Office Life and Perks

    • Commuter Benefits Program
  • Vacation and Time Off

    • Paid Vacation
    • Paid Holidays
    • Personal/Sick Days
    • Sabbatical
    • Leave of Absence
  • Financial and Retirement

    • 401(K)
    • 401(K) With Company Matching
    • Performance Bonus
  • Professional Development

    • Tuition Reimbursement
    • Promote From Within
    • Mentor Program
    • Shadowing Opportunities
    • Access to Online Courses
  • Diversity and Inclusion

    • Diversity, Equity, and Inclusion Program