Track Lead - Security Investigations, SIEM
India
Apply now
Job Description
Track Lead - Security Investigations, SIEM
Bengaluru, Karnataka

Job Summary

The Track Lead (Support & Operations) plays a pivotal role in managing security event investigations and implementing technical solutions within the organization. This position focuses on enhancing operational efficiencies, ensuring client satisfaction, and fostering a culture of continuous improvement and innovation among teams. The Track Lead is instrumental in aligning operational goals with organizational objectives while empowering teams to meet client SLAs effectively.

Incident Detection & Investigation 

  • Act as the L3/L4 escalation for confirmed and suspected security incidents  
  • Investigate incidents across:  
  • Endpoint (EDR/XDR) 
  • SIEM and log platforms 
  • Network telemetry 
  • Identity systems (AD / Entra ID) 
  • Cloud environments (Azure, AWS, M365) 
  • Perform deep‑dive analysis to identify:  
  • Root cause 
  • Attack vector 

ThreatInformed Response 

  • Map attacker behavior to MITRE ATT&CK techniques 
  • Correlate incidents with:  
  • Threat intelligence 
  • Active campaigns 
  • Known adversary TTPs 

Key Responsibilities

1. Implement And Optimize Soar Solutions To Automate Security Event Investigations, Ensuring Timely And Accurate Incident Response While Enhancing Overall Operational Efficiency.
2. Develop And Maintain Comprehensive Reporting Systems Using Siem Tools To Provide Insights Into Security Incidents And Operational Performance, Facilitating Informed Decision-Making.
3. Lead And Mentor The Support Team By Fostering Transparent Communication Of Project Goals And Encouraging The Adoption Of Best Practices In Security Operations.
4. Collaborate With Clients To Thoroughly Understand Their Security Needs, Ensuring The Support Team Delivers Tailored Solutions That Exceed Client Expectations.
5. Drive Innovation By Identifying Opportunities For Process Improvements And Implementing New Ideas That Enhance The Effectiveness Of Security Operations.

 

Skill Requirements

1. Strong Proficiency In Security Event Investigation And Soar Technologies.
2. In-Depth Knowledge Of Siem Tools And Their Application In Operational Environments.
3. Excellent Problem-Solving Abilities And A Strong Understanding Of Client Relationship Management.
4. Proven Leadership Skills With The Ability To Mentor And Empower Teams Effectively.

  • Strong experience with SIEM/SOAR platforms (Splunk, Microsoft Sentinel, XSIAM)  
  • Hands‑on EDR/XDR experience (Microsoft XDR, CrowdStrike, SentinelOne, Palo Alto) 
  • Proficiency in:  
  • KQL / SPL / advanced hunting queries 
  • Log and telemetry correlation 
  • Deep understanding of:  
  • Windows, Linux, macOS internals 
  • Identity systems (AD, Entra ID) 
  • Network fundamentals and attack techniques 
  • Familiarity with:  
  • MITRE ATT&CK 
  • NIST 800‑61 (Incident Response)  

Other Requirements

1. Optional But Valuable Certifications: Certified Information Systems Security Professional (Cissp), Security+ Certification, Or Any Relevant Soar Or Siem Certifications

  • 5–10 years in SOC, Incident Response, or Cyber Defense roles  
  • Experience operating in 24×7 SOC environments 
  • Certifications (preferred):  
  • GCIH, GCIA, GCED 
  • SC‑200, AZ‑500, CISSP  
Apply now
Information at a Glance

Why HCLTech?

At HCLTech, you'll supercharge your potential. You'll find your career. And you'll find your spark. All at a place that knows that helping its customers stay on top starts by putting its people first.

HCLTech is a global technology company, home to more than 226,300 people across 60 countries, delivering industry-leading capabilities centered around digital, engineering, cloud and AI, powered by a broad portfolio of technology services and products. We work with clients across all major verticals, providing industry solutions for Financial Services, Manufacturing, Life Sciences and Healthcare, Technology and Services, Telecom and Media, Retail and CPG, and Public Services. Consolidated revenues as of 12 months ending December 2025 totaled $14.5 billion.
23 Benefits At HCLTech, we believe in empowering our employees with comprehensive benefits that support their professional growth and enhance their well-being. When you sign up for a career with us, you gain access to: https://rmkcdn.successfactors.com/147eb21f/a701dca9-f32d-4fc9-9447-6.svg Industry-benchmarked compensation https://rmkcdn.successfactors.com/147eb21f/b0c54381-ddcc-4a33-9b35-9.svg Best-in-class healthcare benefits https://rmkcdn.successfactors.com/147eb21f/b73027be-7aae-4d36-a090-4.svg Personal time off https://rmkcdn.successfactors.com/147eb21f/d5b4fdfd-2e99-4e26-9878-9.svg Maternity and paternity benefits https://rmkcdn.successfactors.com/147eb21f/3d42b0fc-4652-435a-9ece-c.svg Access to skills / higher education programs/resources https://rmkcdn.successfactors.com/147eb21f/aeddeaf2-9e25-4584-ad11-d.svg Discounts on products and services via Benefit Box https://rmkcdn.successfactors.com/147eb21f/a9609a3b-2700-4b3c-9d90-a.svg Participate in CSR programs and live life with a purpose https://rmkcdn.successfactors.com/147eb21f/c6e33851-710f-4634-bd69-f.svg Opportunities to grow and advance your career Note: The benefits listed above vary depending on the nature of your employment and the country where you work. Some benefits may be available in some countries but not in all.