
Job Title


Manager – SOAR Administration


Company : TriOptus


Location : Aurangabad, Maharashtra


Created : 2025-06-15


Job Type : Full Time


Job Description

Job Title: Manager – SOAR Administration
Department: Information Security Group (ISG)
Duration: 6 months
Reports To: VP – Head of Cyber Defense Center
Location: REMOTE, India

Job Purpose

The Manager – SOAR Administration is responsible for the end-to-end administration and optimization of Security Orchestration, Automation, and Response (SOAR) solutions within the Cyber Defense Center. This role is critical to enhancing the efficiency and effectiveness of the organization’s security operations through the use of automation and orchestration. The role involves collaborating with the SOC team, integrating security tools, developing automated workflows, and improving incident response capabilities to bolster the overall cyber resilience of the organization.

Key Result Areas

- Lead the implementation, configuration, and administration of SOAR platforms (e.g., Splunk SOAR, Palo Alto Cortex XSOAR, IBM Resilient).
- Design, build, and optimize automated playbooks for incident detection and response.
- Ensure orchestration and integration across various security tools (SIEM, threat intelligence platforms, etc.).
- Drive process automation using scripting languages (Python, PowerShell, Bash).
- Support the incident response lifecycle and coordinate with the SOC during incidents.
- Monitor and enhance the SOAR ecosystem to reduce mean time to detect and respond (MTTD/MTTR).
- Deliver projects related to SOAR optimization and innovation.

Key Principles

- Business Alignment: Ensure SOAR initiatives are aligned with the bank’s strategic security objectives.
- Accountability: Own SOAR processes, outcomes, and reporting.
- Maturity Improvement: Continuously drive enhancements to cyber defense posture.
- Impact-Driven Approach: Focus on tangible results such as reduced response times and risk mitigation.
- Innovation & Automation: Promote scalable automation strategies and cutting-edge solutions.
- Continuous Improvement: Regularly review and upgrade SOAR processes and playbooks.

Operating Environment & Relationships

Collaborate with:
- Group-level CISOs, Cyber Defense Center staff
- Regulatory bodies, local and global teams
- First, Second, and Third Lines of Defense (e.g., DPP, IT, Risk, Audit, Compliance)

Ensure alignment with:
- Cybersecurity standards and frameworks
- Bank-wide governance and regulatory mandates

Problem Solving & Critical Thinking

- Analyze and resolve complex cybersecurity incidents through automation and orchestration.
- Develop innovative solutions where standard approaches fall short.
- Apply strong technical knowledge of security frameworks, protocols, and SOAR integrations.

Decision-Making Authority & Responsibility

- Serve as the subject matter expert (SME) for all SOAR-related initiatives.
- Validate the adequacy of process controls against internal policies and regulatory requirements.
- Influence strategic direction for automation in incident response and security operations.

Knowledge, Skills & Experience

Essential Knowledge & Experience

- 8+ years in Information Security, including 4–6 years in Security Incident Response using SOAR.
- Proven hands-on experience with platforms such as Microsoft Sentinel, Splunk SOAR, Cortex XSOAR, or IBM Resilient.
- Familiar with advanced SOC tools, frameworks (NIST, CERT/CC, ISO 27035), and regulatory requirements.
- Strong background in the BFSI sector, preferably in a SOC function.
- In-depth understanding of governance, compliance, risk management, and incident response.

Technical Skills & Application

- Expertise in scripting (Python, PowerShell, Bash) for playbook development.
- Ability to assess, design, and review SOAR use cases, automation logic, and integrations.
- Maintain up-to-date knowledge of evolving threat landscapes and defense mechanisms.
- Demonstrate resilience in enhancing security hygiene and monitoring capabilities.

Other Requirements

- Bachelor’s degree in Computer Science, Information Security, or related discipline.
- Strong awareness of emerging technologies and evolving threat vectors.
- Professional certifications such as GCIH, CISSP, CEH are highly preferred.