Permanent Hiring

Detection Response Lead | Job Code: RJC1000

Chennai, India


Role Description

As the Detection Response Lead, you will play a pivotal role in proactively identifying and mitigating security threats to safeguard the organization's digital assets. This role requires a hands-on technical expert who can lead the Security Operations Center (SOC) team, drive detection strategy, and improve response mechanisms to counter cyber threats effectively.

Role & Responsibilities:

  • Lead the development, tuning, and optimization of detection strategies and playbooks for security monitoring.
  • Oversee threat hunting activities to identify advanced persistent threats and unknown risks.
  • Analyze and respond to high-severity security incidents, ensuring rapid containment and resolution.
  • Manage and mentor a team of SOC analysts, threat hunters, and incident responders.
  • Drive team performance, promote collaboration, and foster continuous improvement in security operations.
  • Define KPIs to measure SOC efficiency, incident response times, and detection effectiveness.
  • Coordinate with cross-functional teams during security incidents, ensuring a seamless response and post-incident review.
  • Conduct root cause analysis and implement remediation plans to prevent incident recurrence.
  • Integrate threat intelligence feeds into SOC workflows for proactive threat detection.
  • Analyze emerging cyber threat trends and recommend changes to detection processes and tools.
  • Manage and enhance security technologies such as SIEM, EDR, NDR, SOAR, and threat intelligence platforms.
  • Evaluate and implement new tools to improve threat detection, investigation, and response capabilities.
  • Develop clear incident response processes, documentation, and post-mortem analysis reports.
  • Deliver periodic reports to executive leadership on threat landscape, incident trends, and SOC performance.

Desired Key Skills

  • 5+ years of experience in cybersecurity operations, with at least 3 years in a leadership or senior SOC role.
  • Strong understanding of modern security frameworks, such as MITRE ATT&CK, NIST CSF, and CIS Controls.
  • Expertise in handling SIEM solutions (e.g., Splunk, Sentinel), EDR tools (e.g., CrowdStrike, Microsoft Defender), and SOAR platforms.
  • Hands-on experience in threat detection, incident response, and threat hunting.
  • Familiarity with cloud security technologies (AWS, Azure, GCP).
  • Proficient in scripting/automation using Python, PowerShell, or other relevant tools.
  • Strong analytical, problem-solving, and leadership skills.
  • Relevant certifications such as CISSP, CISM, CEH, GCIH, GCFA, or equivalent are highly preferred.