At Broadridge, we've built a culture where the highest goal is to empower others to accomplish more. If you're passionate about developing your career, while helping others along the way, come join the Broadridge team.
The Security Monitoring Lead Engineer is responsible for enhancing SIEM performance, designing and optimizing detection rules, and integrating automation to drive more effective threat detection and response. This role requires close collaboration with infrastructure, security, cloud engineering, and other cross-functional teams to design and implement seamless integration of security tools, optimize data flows, and ensure comprehensive telemetry coverage across the organization.
Additionally, the position requires expertise in DevOps methodologies and Infrastructure as Code (IaC) to build scalable, automated security solutions and streamline deployment processes. The role will require working in shifts to ensure continuous 24/7 operations.
Key Responsibilities
- Architect and implement advanced security monitoring use cases that elevate our threat detection and incident response systems.
- Spearhead the seamless integration and administration of SIEM platforms, ensuring optimal data flow and threat visibility.
- Deploy and manage infrastructure as code with Terraform, setting new standards for reliability and efficiency.
- Develop and automate scripts using Python, Bash, or PowerShell to refine SOC operations and elevate efficiency.
- Lead efforts in tuning SIEM alerts, enhancing accuracy, and reducing false positives to ensure precise threat identification.
- Conduct deep-dive log analyses and proactive threat hunting to uncover and mitigate potential security risks.
- Curate comprehensive documentation and reporting, providing insights that guide strategy and inform stakeholders.
- Engage continuously with emerging technologies and methodologies to maintain an edge in a rapidly evolving threat landscape.
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field; advanced certifications such as CEH, CISSP, or GIAC are highly regarded.
- A minimum of 5 years of proven experience in a SOC role with a focus on automation and SIEM integration.
- Proficiency in Terraform and infrastructure as code practices.
- Proficiency in scripting languages (Python, Bash, PowerShell), enabling dynamic and effective automation.
- Extensive experience with security monitoring tools (e.g., SIEM, EDR, IPS/IDS, firewalls) and a thorough understanding of cloud security within AWS and Azure environments.
- Stellar analytical and problem-solving skills, combined with clear and compelling communication capabilities.
- Capacity and readiness to work and provide leadership in rotational shifts, including nights and weekends.
- Experience with advanced automation and orchestration tools.
- In-depth knowledge of security frameworks and regulations, including NIST, ISO 27001, PCI-DSS, GDPR, and HIPAA.
- A strategic mindset in conducting threat assessments and risk analyses.