Job Description
Line of Service: Advisory
Industry/Sector: FS X-Sector
Specialism: Risk
Management Level: Manager
Job Description & Summary
At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data. As a cybersecurity generalist at PwC, you will focus on providing comprehensive security solutions and experience across various domains, maintaining the protection of client systems and data. You will apply a broad understanding of cybersecurity principles and practices to address diverse security challenges effectively.
Job Description & Summary: A career within Cybersecurity and Privacy services will provide you with the opportunity to help our clients implement an effective cybersecurity programme that protects against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organisations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrating and managing new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detecting, responding to, and remediating threats.
Responsibilities:
Run red team exercises to test how well the organization can defend against real cyberattacks.
Perform phishing simulations, social engineering tests, and controlled attack scenarios with proper approvals.
Test web applications, APIs, mobile apps, internal/external networks, cloud environments, endpoints, and Active Directory.
Perform activities like privilege escalation, lateral movement, password attacks, token abuse, and post-exploitation in a controlled way. Identify gaps in security tools like EDR, SIEM, SOAR, WAF, and IAM.
Understand attacker techniques, MITRE ATT&CK, Cyber Kill Chain, OSI layers, networking, system internals, and application architecture. Hands-on experience with tools like Metasploit, Cobalt Strike, Burp Suite, Nmap, BloodHound, CrackMapExec, PowerSploit, Mimikatz, and Impacket. Write or modify scripts, payloads, or exploits using Python, PowerShell, C, or C++.
Application Security & Penetration Testing Analyst
Tests web applications, mobile applications, APIs, thick-client applications, cloud-based applications, and related systems for security vulnerabilities.
Performs vulnerability assessment and penetration testing using both manual testing and automated security scanning tools.
Conduct security testing throughout the Software Development Lifecycle to identify risks early before applications go live.
Reviews application source code to identify insecure coding practices and recommends secure alternatives. Performs threat modeling and secure design reviews for applications and systems.
Identifies vulnerabilities, validates impact, prepares proof of concept, and recommends practical remediation steps.
Explain findings clearly to developers, managers, and other technical or non-technical stakeholders.
Works closely with development teams to ensure vulnerabilities are fixed within agreed timelines.
Understands OWASP Top 10, SANS CWE 25, secure coding practices, secure development lifecycle, mobile application security, API security, cloud application security, and authentication protocols.
Hands-on experience with tools like Burp Suite, OWASP ZAP, SQLMap, Postman, Echo Mirage, Nessus, Nmap, Metasploit, and Kali Linux.
Must have good knowledge of OAuth 2.0, SAML, JWT, cryptography, Java, Python, JavaScript, current CVEs, exploit trends, and common attack techniques.
Should have knowledge of AI application security, including prompt injections, model leakage, data poisoning, adversarial inputs, and security risks in AI APIs, chatbots, and AI/ML-enabled applications. Preferred experience in network penetration testing, IoT security testing, Docker, Kubernetes, AWS, Azure, or other cloud/container security technologies.
Device Security Specialist
Conduct end-to-end cyber security assessments and penetration testing of network devices such as routers, switches, firewalls, modems, gateways and access points, non-network devices, kiosk systems, tablets, industrial peripherals such as tyre inflators, EV chargers, vending machines and fuel dispensers, IoT devices, and embedded systems
Perform firmware security analysis including firmware extraction, reverse engineering, binary analysis, hardcoded credential detection, and OTA update mechanism testing
Conduct hardware security testing including JTAG and SWD debug interface probing, UART analysis, bus sniffing covering SPI and I2C, chip-off analysis, and side-channel attack assessment
Execute wireless and RF security assessments covering Bluetooth, BLE, NFC, RFID, Wi-Fi, Zigbee, Z-Wave, LoRaWAN, and cellular 4G/5G protocols
Test device-to-cloud communication security including API security, authentication mechanisms, encryption validation, and command injection testing
Assess physical security aspects including tamper resistance, USB port security, boot process integrity, and secure boot validation
Perform threat modeling for new devices and participate in secure design reviews during product development lifecycle
Prepare detailed security assessment reports with CVSS risk ratings, proof-of-concept exploits, executive summaries, and actionable remediation roadmaps
Map findings to relevant standards such as OWASP IoT Top 10, ETSI EN 303 645, IEC 62443, NIST IR 8259, PCI-DSS for payment devices, and DPDP Act 2023. Develop device security baselines, hardening guidelines, and maintain a device vulnerability knowledge base
Track and validate remediation efforts by OEMs and vendors, and support security evaluations for new device acquisitions
Mentor junior team members and contribute to building device security testing capability within the organization
Infrastructure Security Engineer
Secure enterprise infrastructure such as Windows servers, Linux servers, network devices, databases, and cloud platforms.
Implements, configures, and maintains security controls across operating systems, networks, databases, and cloud environments.
Manage identity and access solutions such as IDAM, SSO, MFA, and access control systems.
Implement and troubleshoot authentication and authorization protocols like OAuth 2.0, SAML, and OpenID Connect.
Create scripts to automate security hardening, configuration checks, and operational tasks.
Work with cross-functional teams to make sure security best practices are followed through infrastructure projects.
Conduct regular security assessments and recommend improvements.
Understands Windows/Linux OS security, network security, cloud security, firewalls, VPNs, SIEM tools, endpoint protection, ISO, NIST, and CIS benchmarks.
Hands-on experience in scripting languages like PowerShell, Bash, or Python.
Should have good communication, quick learning ability, and knowledge of enterprise IT processes.
Data Privacy Operations Analyst
Manage data privacy risks and ensure the organization follows privacy laws and regulations.
Help create and implement privacy policies for collecting, processing, storing, and sharing personal information.
Work with teams like HR, Finance, Facilities, IT, and business units to ensure personal data is handled lawfully.
Perform privacy impact assessments for business processes, applications, and new technologies.
Track privacy risks and help implement risk mitigation plans. Handle personal data access requests from individuals and support privacy grievance handling.
Support privacy-related data breach handling and recommend corrective actions. Review outsourcing or vendor arrangements where personal data is processed and suggest privacy clauses or controls.
Good understanding of privacy laws such as IT Act 2000, DPDP Act 2023, DPDP Rules 2025, GDPR, and data protection practices.
Work with privacy technologies such as encryption, data masking, and privacy-enhancing technologies. Should have strong project management, reporting, communication, and confidentiality-handling skills.
Telcosec 4G/5G Core Security Engineer
Secure telecom 4G and 5G core network systems and ensure they meet regulatory and security standards.
Perform security reviews of core telecom nodes such as MME, SGW, PGW, HSS, PCRF, AMF, SMF, UPF, UDM, AUSF, NRF, PCF, and IMS nodes.
Check node hardening, user access controls, PKI/certificate usage, interface security, and protocol configurations.
Monitor and analyze telecom signaling traffic such as GTP-C/U, Diameter, SIP, PFCP, HTTP/2/SBI, and SCTP.
Support configuration and tuning of GTP, Diameter, and SIP firewalls.
Identify abnormal signaling behavior, roaming issues, topology exposure risks, and spoofing attempts.
Review network segmentation using VLAN, VRF, Cisco ACI, micro-segmentation, firewall rules, ACLs, and zoning.
Investigate telecom-specific threats such as signaling abuse, unauthorized access, and protocol misuse.
Support cloud-native and virtualized telecom security across Kubernetes, OpenStack, CNF, and VNF environments.
Understand 4G LTE EPC, 5G Core, 5G SA/NSA, roaming security, inter-PLMN security, network slicing security, SBI/API security, and telecom vendor systems. Work closely with telecom engineering, operations, vendors, and NOC teams.
Infrastructure Security Engineer
Secure enterprise infrastructure such as Windows servers, Linux servers, network devices, databases, and cloud platforms.
Implement, configure, and maintain security controls across operating systems, networks, databases, and cloud environments.
Manage identity and access solutions such as IDAM, SSO, MFA, and access control systems.
Implement and troubleshoot authentication and authorization protocols like OAuth 2.0, SAML, and OpenID Connect.
Create scripts to automate security hardening, configuration checks, and operational tasks. Ability to work with cross-functional teams to make sure security best practices are followed through infrastructure projects.
Conduct regular security assessments and recommend improvements.
Understands Windows/Linux OS security, network security, cloud security, firewalls, VPNs, SIEM tools, endpoint protection, ISO, NIST, and CIS benchmarks.
Hands-on experience in scripting languages like PowerShell, Bash, or Python. Should have good communication, quick learning ability, and knowledge of enterprise IT processes.
Sr. Security Solution Architect
Design complete cybersecurity solutions for customers or internal business teams.
Create security architecture diagrams, high-level design documents, solution templates, and technical proposals.
Build reusable architecture patterns for services like SOC, AppSec, Cloud Security, Infrastructure Security, GRC, Data Privacy, SIEM, EDR, DevSecOps, and ISMS.
Perform infrastructure sizing for compute, storage, network, licenses, and prepare Bill of Quantities.
Select suitable OEM/vendor technologies such as SIEM, EDR, CSPM, DevSecOps tools, and cloud security platforms.
Present security solutions to customers, CISOs, CTOs, technical teams, and architecture review boards.
Support RFPs, bid defenses, technical workshops, solution presentations, SOW preparation, and commercial alignment.
Ensure solutions follow frameworks and compliance requirements such as ISO, NIST, PCI-DSS, GDPR, and internal governance.
Manage solution repositories, templates, HLDs, BoQs, diagrams, and version control. Should have strong experience in cybersecurity, solution architecture, managed security services, cloud security, customer-facing roles, and presales/RFP work.
Requires strong communication, proposal writing, stakeholder management, analytical thinking, commercial awareness, and leadership skills.
GCP Security Architect
Secure applications, workloads, and projects hosted on Google Cloud Platform. Lead GCP architecture reviews and security assessments for applications.
Manage security posture across 500+ GCP projects using Security Command Center. Review and govern IAM roles, service accounts, organization policies, firewall rules, and cloud security configurations.
Implement security guardrails for new GCP workloads and platforms. Configure and maintain VPC Service Controls and network security controls.
Validate cloud resource inventory, tagging compliance, and security documentation. Support internal and regulatory audits for cloud security compliance.
Hands-on experience in Google Chronicle for security analytics and threat detection, and Terraform for infrastructure-as-code and security automation.
Strong understanding of GCP-native security services like Security Command Center, IAM, VPC Service Controls, Chronicle, firewall governance, and organization policies. Ability to work with cloud, infrastructure, application, and security teams to fix cloud risks and improve security controls.
Cyber Incident Response & Forensics Analyst
Perform root cause analysis to find how the attack started, which system was first affected, and how the attacker moved inside the environment. Conduct network forensics, intrusion analysis, malware analysis, and reverse engineering when required.
Support teams in recovery and remediation activities. Work with red team and penetration testing teams to improve detection and response capabilities. Create detailed forensic investigation reports, dashboards, metrics, and management presentations.
Strong understanding of Windows, Linux, Active Directory, MITRE ATT&CK, attacker TTPs, SIEM, EDR, and endpoint threat detection.
Hands-on experience in forensic tools such as Autopsy, FTK, EnCase, Oxygen, Cellebrite, Wireshark, RAM analysis tools, and registry analysis tools.
Requires strong documentation skills, attention to detail, calmness under pressure, and good stakeholder communication.
Mandatory skill sets:
SOC
Preferred skill sets:
SOC
Years of experience required:
8-12 Yrs
Education qualification:
B.E / B. Tech / M.Tech –
Academics (10th, 12th, Degree): 60% or above throughout
Education (if blank, degree and/or field of study not specified)
Degrees/Field of Study required: Bachelor of Engineering, Bachelor of Technology
Degrees/Field of Study preferred:
Certifications (if blank, certifications not specified)
Required Skills
SoCs (Inactive)
Optional Skills
Accepting Feedback, Active Listening, Agile Methodology, Analytical Thinking, Azure Data Factory, Coaching and Feedback, Communication, Creativity, Cybersecurity, Cybersecurity Framework, Cybersecurity Policy, Cybersecurity Requirements, Cybersecurity Strategy, Embracing Change, Emotional Regulation, Empathy, Encryption Technologies, Inclusion, Intellectual Curiosity, Learning Agility, Managed Services, Optimism, Privacy Compliance, Professional Courage {+ 13 more}
Desired Languages (If blank, desired languages not specified)
Travel Requirements: Not Specified
Available for Work Visa Sponsorship? No
Government Clearance Required? No
Job Posting End Date: May 4, 2026