Partner with onshore security teams to design, implement, and maintain security tools and capabilities that support the goals of the Information Security organization.
Enhance and optimize the performance, scalability, and reliability of security operations, with a strong emphasis on SIEM content development, alert fidelity, and log coverage.
Identify opportunities for improvement by analyzing existing security processes, tools, and workflows, and implement innovative solutions to address gaps in visibility or detection.
Leverage SOAR platforms to automate repetitive tasks, enrich alerts, and accelerate incident response workflows within the SOC.
Support the expansion and maturation of security capabilities, ensuring alignment with evolving business needs, regulatory requirements, and industry best practices.
Collaborate across multiple Information Security functions, including Security Operations, Vulnerability Management, Threat Intelligence, and Security Awareness, to drive security initiatives.
Monitor the effectiveness of implemented security detections and processes, and provide recommendations for continuous improvement.
Assist in the integration and operationalization of new security tools and technologies within security monitoring workflows.
Provide technical expertise and guidance to both onshore and offshore teams to ensure solutions and detections are implemented effectively and securely.
Contribute to the development and maintenance of documentation, playbooks, and standard operating procedures for security monitoring tools and processes.
Stay up-to-date with the latest security trends, vulnerabilities, and detection techniques to proactively address emerging threats.
Organizational Relationships
Collaborates closely with onshore security teams, including Security Operations, Vulnerability Management, Threat Intelligence, and Security Awareness
Works with cross-functional teams such as Infrastructure, Application Development, and Cloud Engineering to ensure seamless integration and operation of security tools
Partners with Identity and Access Management teams to implement and maintain secure access controls
Engages with external vendors and service providers to evaluate and integrate third-party security solutions
Coordinates with internal stakeholders to align security initiatives with business objectives and compliance requirements
Education and Experience
Education
University Degree in Computer Science or Information Systems is required
An MS, advanced identity courses, or other applicable certifications are desirable, including:
Certified Information Systems Security Professional (CISSP)
Relevant certifications in infrastructure security and vulnerability management are highly preferred, such as:
Offensive Security Certified Professional (OSCP)
GIAC Certified Vulnerability Assessor (GCVA)
Certified Ethical Hacker (CEH)
Experience
A minimum of 6 years of relevant experience, with a strong background in security operations centers, threat intelligence, and security engineering
2+ years of experience in the pharmaceutical or another regulated industry, Animal Health in particular
Experience working with global teams across multiple time zones
Demonstrated ability to work within diverse technical teams
Technical Skills Requirements
Strong knowledge of security tools and technologies, such as SIEM (e.g., Splunk, NextGen SIEM) and endpoint detection and response (EDR) solutions such as CrowdStrike
Proficiency in scripting and automation using languages such as Python, PowerShell, or Bash to streamline security processes
Experience with cloud security tools and platforms (e.g., AWS, Azure, GCP) and securing cloud-native environments
Solid understanding of network security concepts, including firewalls, IDS/IPS, VPNs, and zero-trust architectures
Familiarity with identity and access management (IAM) solutions, such as Azure AD, Secret Server, and Sailpoint
Knowledge of threat detection, incident response, and vulnerability management processes and tools
Experience with container security and DevSecOps practices
Strong understanding of encryption technologies, key management, and secure coding practices
Ability to analyze and interpret security data to identify trends, vulnerabilities, and potential threats
Familiarity with regulatory requirements and compliance standards (e.g., GDPR, HIPAA, PCI DSS)
Must be fluent in both written and spoken English, with the ability to communicate effectively across technical and non-technical audiences
Physical Position Requirements
Availability to work between 1:00 PM and 10:00 PM IST (a minimum of 3 hours of daily overlap with the US Eastern time zone)