Job Title:  T&T | Cyber: D&R | Associate Director | SIEM | Mumbai

Associate Director | Cyber – Defence & Resilience | SIEM | Mumbai

• Location:  Mumbai and Bangalore

• Job requisition ID : 95171

• Entity:  Deloitte Touche Tohmatsu India LLP 

The team

Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks

Your work profile:

SOC Operations Management:

• Lead 24/7 operations of the MSSP SOC, ensuring continuous monitoring, analysis, and response to security incidents across multiple client environments.
• Manage and support a team of SOC analysts (Tier 1, Tier 2, Tier 3), incident responders, and engineers in handling security incidents for clients.
• Ensure that SLAs (Service Level Agreements) with clients are met, including response times, reporting, and incident resolution.
• Oversee shift management and ensure that the SOC is properly staffed to meet operational requirements.

• Serve as the primary liaison between the SOC team and the Bank for all operational and governance matters.
• Oversee daily operations across Detection Analysts (Jr/Sr), Shift Leads, Threat Hunting (TH), Threat Intelligence (TI), and Platform Engineers.
• Manage staffing across all shifts, ensuring zero coverage gaps and timely resource replacement with proper knowledge transfer (KT).
• Ensure coverage, resource allocation, and shift scheduling as per agreed terms.
• Monitor SOC team performance against SLAs, KPIs, and KRIs, reviewing metrics quarterly.
• Follow up on alerts escalated by Shift Leads to ensure closure within TAT.
• Conduct daily stand-up calls for open alerts and weekly convergence calls with the Bank team.
• Participate in monthly/quarterly governance meetings and ensure contract compliance.
• Maintain error-free documentation for regulatory/non-regulatory submissions, audits, and RCA reports.
• Ensure first-time-right quality for all submissions and timely invoice processing for client approval.
• Drive process improvement initiatives and collaborate on automation opportunities.
• Maintain professional email and stakeholder call etiquette at all times.

Key Skills Required:

• Education: Bachelor’s degree in Information Security, Computer Science, or a related field. A Master’s degree in Cybersecurity or Business Management is preferred.
• Experience:
• Total 15+ years in IT, 7+ years of experience in cybersecurity, with at least 3+ years in SOC management or an equivalent leadership role.
• Experience working in an MSSP or managing security operations for multiple clients is preferred.
• Strong experience with security tools (SIEM, EDR, IDS/IPS), threat intelligence, and incident response.
• Proven track record of leading teams in a 24/7 SOC environment.
• Certifications: One or more of the following:
• CISSP (Certified Information Systems Security Professional)
• CISM (Certified Information Security Manager)