Track Lead - AWS Security, Cloud Security
India
Job Description
Track Lead - AWS Security, Cloud Security
Bangalore, Karnataka

Job Summary

We are looking for a seasoned Incident Response / SOC Lead to drive security monitoring, threat detection, incident response, and operational maturity for enterprise-scale environments. The role requires strong leadership across incident handling, prioritization, stakeholder communication, major incident management, process governance, and continuous improvement of detection and response capabilities across cloud, endpoint, network, and application environments.

PREFERRED CERTIFICATIONS\\\\r\\\\n\\\\r\\\\n· GCIH / GCIA / GMON / SEC504 or similar SANS / GIAC certifications\\\\r\\\\n\\\\r\\\\n· SC-200, AWS Security Specialty, Google Professional Cloud Security Engineer, Azure Security Engineer Associate\\\\r\\\\n\\\\r\\\\n· CEH, CySA+, Security+, CSA or equivalent SOC / IR certifications

Key Responsibilities

Lead a 10-member SOC / Incident Response team responsible for security monitoring, incident triage, threat hunting, investigation, containment coordination, and remediation tracking. · Drive end-to-end Security Incident Response operations including detection, triage, validation, containment support, eradication, recovery, and post-incident follow-up for high severity incidents. · Own and lead major incident handling (P1 / P2), bridge calls, war-room discussions, stakeholder updates, escalations, and crisis management to minimize business impact. · Manage and provide technical oversight for security platforms such as CrowdStrike Falcon, Splunk ES, Cisco SSE, AWS, Azure / GCP, and related detection or response tooling. · Perform advanced investigation and threat hunting using SIEM technologies such as Splunk and Anvilogic, including log correlation, IOC analysis, pattern identification, and attack-path analysis. · Apply MITRE ATT&CK;, threat intelligence, and NIST-aligned incident response practices to guide investigations, threat hunting, and response improvements. · Lead root cause analysis and post-incident reviews, and deliver executive-ready incident reports with actionable remediation, lessons learned, and control enhancement recommendations. · Drive improvements in SOPs, incident playbooks, knowledge articles, escalation matrices, shift handovers, and technical documentation to standardize and mature operations. · Partner with global and cross-functional teams including cloud, platform, infrastructure, email security, identity, application, and business stakeholders during active incident response and remediation. · Lead tabletop exercises, incident simulations, and readiness assessments to validate response preparedness, improve decision making, and enhance analyst performance. · Monitor KPIs, SLAs, investigation timelines, alert acknowledgement metrics, and service quality indicators to ensure operational effectiveness and continuous improvement. · Mentor analysts, review investigations, guide use case tuning, and act as an escalation point for complex threats, critical incidents, and operational blockers

Skill Requirements

: REQUIRED TECHNICAL SKILLS · Strong hands-on experience in Security Operations Center (SOC), Incident Response, and threat hunting domains. · Expertise in SIEM and detection technologies such as Splunk ES, Anvilogic, or equivalent platforms. · Hands-on knowledge of endpoint and cloud security tools including CrowdStrike Falcon and security capabilities across AWS, Azure, and GCP. · Strong understanding of network security concepts and protocols such as TCP/IP, DNS, HTTP/S, VPN, proxies, firewalls, IDS/IPS, and secure web gateways. · Experience handling endpoints, email threats, identity compromise, suspicious authentication patterns, malicious files, and anomalous behaviors. · Strong knowledge of NIST incident response framework, MITRE ATT&CK;, Cyber Kill Chain, and security operations best practices. · Experience with Linux environments and security analysis in hybrid, cloud, and enterprise environments. · Ability to create / tune detections, drive log source onboarding, improve visibility, and support forensic or evidence-based investigations. · Good working knowledge of ticketing / case management platforms such as ServiceNow or JIRA.

Other Requirements

PREFERRED SKILLS · Exposure to security automation, SOAR, KQL / SPL queries, and detection engineering. · Experience with packet analysis, malware triage, threat intelligence platforms, or container / Kubernetes security. · Experience supporting global stakeholders and operating in follow-the-sun or shift-based models. · Ability to present incident trends, dashboard metrics, and security posture updates to leadership. CANDIDATE PROFILE · 10+ years of overall cybersecurity experience with significant hands-on depth in incident response / SOC operations. · Prior experience leading analysts or small / mid-sized SOC teams in enterprise environments. · Strong analytical mindset and calm decision-making ability during high-pressure incidents and crisis situations. · Excellent written and verbal communication skills with ability to engage technical teams and leadership stakeholders effectively. · Bachelor’s degree in Computer Science, Information Security, Information Technology, or equivalent experience.

Information at a Glance

Why HCLTech?

At HCLTech, you'll supercharge your potential. You'll find your career. And you'll find your spark. All at a place that knows that helping its customers stay on top starts by putting its people first.

HCLTech is a global technology company, home to more than 227,000 people across 60 countries, delivering industry-leading capabilities centered around digital, engineering, cloud and AI, powered by a broad portfolio of technology services and products. We work with clients across all major verticals, providing industry solutions for Financial Services, Manufacturing, Life Sciences and Healthcare, Technology and Services, Telecom and Media, Retail and CPG, and Public Services. Consolidated revenues as of 12 months ending December 2026 totaled $14.7 billion.

23 Benefits At HCLTech, we believe in empowering our employees with comprehensive benefits that support their professional growth and enhance their well-being. When you sign up for a career with us, you gain access to: https://rmkcdn.successfactors.com/147eb21f/a701dca9-f32d-4fc9-9447-6.svg Industry-benchmarked compensation https://rmkcdn.successfactors.com/147eb21f/b0c54381-ddcc-4a33-9b35-9.svg Best-in-class healthcare benefits https://rmkcdn.successfactors.com/147eb21f/b73027be-7aae-4d36-a090-4.svg Personal time off https://rmkcdn.successfactors.com/147eb21f/d5b4fdfd-2e99-4e26-9878-9.svg Maternity and paternity benefits https://rmkcdn.successfactors.com/147eb21f/3d42b0fc-4652-435a-9ece-c.svg Access to skills / higher education programs/resources https://rmkcdn.successfactors.com/147eb21f/aeddeaf2-9e25-4584-ad11-d.svg Discounts on products and services via Benefit Box https://rmkcdn.successfactors.com/147eb21f/a9609a3b-2700-4b3c-9d90-a.svg Participate in CSR programs and live life with a purpose https://rmkcdn.successfactors.com/147eb21f/c6e33851-710f-4634-bd69-f.svg Opportunities to grow and advance your career Note: The benefits listed above vary depending on the nature of your employment and the country where you work. Some benefits may be available in some countries but not in all.