Job Title:  T&T I Cyber-D&R I Deputy Manager | Google Secops Engineer | Mumbai, Pune

Job requisition ID:  105929
Date:  Jun 8, 2026
Location:  Mumbai
Designation:  Deputy Manager
Entity:  Deloitte Touche Tohmatsu India LLP


 

The team 

Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks.

 

Your Work Profile  

  • Lead architecture, design, and implementation of Google SecOps (Chronicle SIEM & SOAR) solutions
  • Onboard and normalize security telemetry from multiple sources (cloud, network, endpoint, SaaS)
  • Develop detection rules, use cases, and threat hunting queries using Chronicle Query Language (UQL/YARA-L)
  • Design and optimize data pipelines, parsing, enrichment, and normalization strategies
  • Integrate Google SecOps with security tools (EDR, IAM, firewalls, threat intel platforms)
  • Implement and fine-tune alerting, correlation, and automated response workflows (SOAR)
  • Perform threat hunting, incident investigation, and root cause analysis
  • Ensure scalability, performance tuning, and cost optimization of SecOps platform
  • Establish security best practices, governance, and compliance alignment
  • Collaborate with SOC teams to improve detection coverage and reduce false positives.

 

Key Skills required:

  • 4-10 years of experience.
  • Strong hands-on experience with Google SecOps (Chronicle SIEM/SOAR)
  • Expertise in SIEM architecture, log management, and security monitoring
  • Proficiency in detection engineering (YARA-L / UDM / UQL)
  • Experience in data ingestion, parsing, and normalization (UDM model)
  • Knowledge of security domains: network, endpoint, identity, cloud security
  • Experience with cloud platforms, especially Google Cloud Platform (GCP)
  • Understanding of threat frameworks (MITRE ATT&CK)
  • Familiarity with APIs and automation
  • Strong troubleshooting and performance optimization skills
  • Google Professional Security Engineer or Chronicle certification
  • Experience with SOAR playbooks and automation workflows
  • Exposure to multi-SIEM environments (Splunk, QRadar, Sentinel, etc.)
  • Programming/scripting knowledge (Python)
  • Experience with DevSecOps and Infrastructure as Code (Terraform).
  • Bachelor’s/Master’s degree