Role & responsibilities

The UAT and Production SIEM-DAM workplace needs to be supported in DC & DR.

Continuous Monitoring & Threat Detection

- Oversee SOC operations ensuring timely detection and incident response.
- Integrate SIEM, SOAR, XDR, IDS/IPS, UEBA, and threat intelligence platforms for advanced monitoring.
- Monitor trading and clearing platforms, APIs, and connectivity gateways for anomalies and vulnerabilities.
- Track zero-day vulnerabilities, emerging threats, and APTs targeting financial markets.

Incident Response & Crisis Management

- Lead incident triage, investigation, containment, and recovery.
- Conduct root cause analysis and post-incident reviews to prevent recurrence.
- Coordinate major incident response with regulators (SEBI, CERT-In, RBI) and law enforcement.
- Conduct red/blue team simulations, tabletop exercises, and cyber drills to validate readiness.

Technology & Process Optimization

- Manage and optimize SOC tools, platforms, and analytics.
- Drive automation (SOAR, ML-based anomaly detection, scripting) to improve efficiency and reduce MTTR.
- Integrate SOC operations with NOC, fraud monitoring, and business continuity for resilience.
- Ensure forensic readiness, log management, and data retention meet regulatory standards.

Compliance & Regulatory Reporting

- Ensure compliance with SEBI CSCRF, CERT-In directives, DPDPA, PCI DSS, ISO 27001.
- Prepare and submit mandatory incident reports within required timelines.
- Maintain audit-ready documentation and support external/internal audits and risk assessments.
- Provide executive dashboards and reports on incidents, threats, and SOC performance.

Threat Intelligence & Proactive Defence

- Build and integrate Cyber Threat Intelligence (CTI) programs relevant to financial services.
- Implement proactive threat-hunting programs to detect and mitigate risks early.
- Collaborate with security architecture and engineering teams to improve detection and prevention.

Preferred candidate profile