Track Lead - Security Investigations, SIEM Job Details

Track Lead - Security Investigations, SIEM

India

Job Description

Track Lead - Security Investigations, SIEM

Bengaluru, Karnataka

Job Summary

The Track Lead (Support & Operations) plays a pivotal role in managing security event investigations and implementing technical solutions within the organization. This position focuses on enhancing operational efficiencies, ensuring client satisfaction, and fostering a culture of continuous improvement and innovation among teams. The Track Lead is instrumental in aligning operational goals with organizational objectives while empowering teams to meet client SLAs effectively.

The Automation & Security Engineer is responsible for designing, developing, and maintaining security automation workflows (SOAR playbooks) using platforms such as Microsoft Sentinel, Azure Logic Apps, and SOAR tools.

The role focuses on automating incident triage, enrichment, and response actions to reduce manual efforts and improve SOC efficiency

Key Responsibilities

1. Implement And Optimize Soar Solutions To Automate Security Event Investigations, Ensuring Timely And Accurate Incident Response While Enhancing Overall Operational Efficiency.
2. Develop And Maintain Comprehensive Reporting Systems Using Siem Tools To Provide Insights Into Security Incidents And Operational Performance, Facilitating Informed Decision-Making.
3. Lead And Mentor The Support Team By Fostering Transparent Communication Of Project Goals And Encouraging The Adoption Of Best Practices In Security Operations.
4. Collaborate With Clients To Thoroughly Understand Their Security Needs, Ensuring The Support Team Delivers Tailored Solutions That Exceed Client Expectations.
5. Drive Innovation By Identifying Opportunities For Process Improvements And Implementing New Ideas That Enhance The Effectiveness Of Security Operations.

Design, develop, and maintain SOAR playbooks / automation workflows for security incidents
Build automation using:
- Azure Logic Apps
- Microsoft Sentinel
- SOAR platforms (Siemplify / Chronicle / Custom)
Automate use cases such as:
- Incident enrichment
- Alert triaging
- Threat containment actions (IP blocking, endpoint isolation) [3.B1.S_Tar...LTech.docx | PDF]

B. Security Operations Automation

Integrate security tooling ecosystem:
- SIEM / Sentinel
- EDR (Defender, CrowdStrike etc.)
- ITSM (ServiceNow)
- Threat Intelligence platforms
Enable automated ticket creation, updates, and correlation
Build end-to-end alert-to-response pipelines [HCL JDE Ru...k_SOC_v1.0 | Word]

C. Playbook Development & Optimization

Develop automated workflows for:
- Malware detection response
- Suspicious login investigation
- Phishing triage
Optimize playbooks for:
- Faster MTTR
- Reduced false positives
- Improved response accuracy

D. Integration & API Engineering

Configure integrations using:
- REST APIs
- Webhooks
- Native connectors (Logic Apps / Sentinel)
Automate data ingestion and enrichment pipelines

E. Detection Engineering Support

Work with detection teams to:
- Convert detection rules into automated response workflows
- Improve correlation logic
Enhance analytics and anomaly detection capabilities

Skill Requirements

1. Strong Proficiency In Security Event Investigation And Soar Technologies.
2. In-Depth Knowledge Of Siem Tools And Their Application In Operational Environments.
3. Excellent Problem-Solving Abilities And A Strong Understanding Of Client Relationship Management.
4. Proven Leadership Skills With The Ability To Mentor And Empower Teams Effectively.

Strong experience in SOAR platforms / Automation engineeringHands-on with:

Azure Logic Apps
Microsoft Sentinel (automation rules, playbooks)

Experience in incident response automation workflows

Cloud security exposure (Azure, AWS, M365 Defender) 

SOC / SIEM concepts
Incident response lifecycle
Threat intelligence integration
Security event correlation

Other Requirements

1. Optional But Valuable Certifications: Certified Information Systems Security Professional (Cissp), Security+ Certification, Or Any Relevant Soar Or Siem Certifications

Scripting:

Python / PowerShell

API integration & automation

Cloud security (Azure preferred

Information at a Glance

Why HCLTech?

At HCLTech, you'll supercharge your potential. You'll find your career. And you'll find your spark. All at a place that knows that helping its customers stay on top starts by putting its people first.

HCLTech is a global technology company, home to more than 226,300 people across 60 countries, delivering industry-leading capabilities centered around digital, engineering, cloud and AI, powered by a broad portfolio of technology services and products. We work with clients across all major verticals, providing industry solutions for Financial Services, Manufacturing, Life Sciences and Healthcare, Technology and Services, Telecom and Media, Retail and CPG, and Public Services. Consolidated revenues as of 12 months ending December 2025 totaled $14.5 billion.

23 Benefits At HCLTech, we believe in empowering our employees with comprehensive benefits that support their professional growth and enhance their well-being. When you sign up for a career with us, you gain access to: https://rmkcdn.successfactors.com/147eb21f/a701dca9-f32d-4fc9-9447-6.svg Industry-benchmarked compensation https://rmkcdn.successfactors.com/147eb21f/b0c54381-ddcc-4a33-9b35-9.svg Best-in-class healthcare benefits https://rmkcdn.successfactors.com/147eb21f/b73027be-7aae-4d36-a090-4.svg Personal time off https://rmkcdn.successfactors.com/147eb21f/d5b4fdfd-2e99-4e26-9878-9.svg Maternity and paternity benefits https://rmkcdn.successfactors.com/147eb21f/3d42b0fc-4652-435a-9ece-c.svg Access to skills / higher education programs/resources https://rmkcdn.successfactors.com/147eb21f/aeddeaf2-9e25-4584-ad11-d.svg Discounts on products and services via Benefit Box https://rmkcdn.successfactors.com/147eb21f/a9609a3b-2700-4b3c-9d90-a.svg Participate in CSR programs and live life with a purpose https://rmkcdn.successfactors.com/147eb21f/c6e33851-710f-4634-bd69-f.svg Opportunities to grow and advance your career Note: The benefits listed above vary depending on the nature of your employment and the country where you work. Some benefits may be available in some countries but not in all.

Provider	Description	Enabled
Vimeo	Vimeo is a video hosting, sharing, and services platform focused on the delivery of video. Opting out of Vimeo cookies will disable your ability to watch or interact with Vimeo videos. Cookie Policy Privacy Policy Terms and Conditions	Consent to cookies from provider Vimeo
YouTube	YouTube is a video-sharing service where users can create their own profile, upload videos, watch, like, and comment on videos. Opting out of YouTube cookies will disable your ability to watch or interact with YouTube videos. Cookie Policy Privacy Policy Terms and Conditions	Consent to cookies from provider YouTube

Provider	Description	Enabled
Google Analytics	Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Cookie Information Privacy Policy Terms and Conditions	Consent to cookies from provider GoogleAnalytics
Google Tag Manager	Google Tag Manager is a tag management system for conversion tracking, site analytics, remarketing, and more. Privacy Policy Terms and Conditions	Consent to cookies from provider GoogleTagManager
LinkedIn	LinkedIn is an employment-oriented social networking service. We use the Apply with LinkedIn feature to allow you to apply for jobs using your LinkedIn profile. Opting out of LinkedIn cookies will disable your ability to use Apply with LinkedIn. Cookie Policy Cookie Table Privacy Policy Terms and Conditions	Consent to cookies from provider LinkedIn