SOC Lead (Sentinel experience required)

2 Months ago • 14 Years + • Cyber Security

Job Summary

Job Description

Rackspace Cyber Defense seeks a Security Lead to manage a multi-disciplinary SOC serving their customers. Responsibilities include managing a team of first responders, ensuring customer environment security, identifying critical assets, implementing and enhancing security tooling (including Sentinel), utilizing threat intelligence platforms, automating security processes, resolving vulnerabilities within SLAs, providing reporting and analysis (including breach root cause analysis), collaborating with other teams, and handling critical incidents. Advanced threat hunting, post-breach forensic analysis, and customer onboarding are also key aspects. The role requires in-depth knowledge of customer environments and strong communication skills.
Must have:
  • 14+ years SOC and Security Eng experience
  • Sentinel expertise
  • Team management skills
  • Cloud security experience (Azure, GCP, AWS)
  • Threat intelligence and analysis
  • Vulnerability management
  • Incident response and handling
  • Reporting and analysis
Good to have:
  • CISSP, SSCP, CCSP, GCIH, GSOC certifications
  • Knowledge of security standards (NIST, ISO27001, CIS, OWASP)
  • Experience with endpoint management tools (CrowdStrike, Microsoft Defender)

Job Details


Rackspace Cyber Defense

Security Lead, Security Operations
Shift Timings: 6:30 pm to 3:30 am IST

 
About Rackspace Cyber Defence

Rackspace Cyber Defence is our next generation cyber defense and security operations capability that builds on 20+ years of securing customer environments to deliver proactive, risk-based, threat-informed and intelligence-driven security services. 


Our purpose is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud, and multi-cloud workloads.

Our goal is to go beyond traditional security controls to deliver cloud-native, DevOps-centric, fully integrated 24x7x365 cyber defense capabilities that deliver a proactive, threat-informed, risk-based, intelligence-driven approach to detecting and responding to threats.


Our mission is to help our customers:

       Proactively detect and respond to cyber-attacks – 24x7x365.
       Defend against new and emerging risks that impact their business.
       Reduce their attack surface across private cloud, hybrid cloud, public cloud, and multi-cloud environments.
       Reduce their exposure to risks that impact their identity and brand.
       Develop operational resilience.
       Maintain compliance with legal, regulatory and compliance obligations.
 

What we’re looking for

To support our continued success and deliver a Fanatical Experience™ to our customers, Rackspace Cyber Defence is looking for a Security Lead for security Operations. 

This role is particularly well-suited to a self-starting, experienced, and motivated Security Lead, who is commercially aware, service-oriented, and has a proven record of accomplishment in delivering and managing a security operations centre (SOC.) 

The Security Lead will be the face of Rackspace’s security services and responsible for the leadership and management of a multi-disciplinary security operations center (SOC) that serve Rackspace Cyber Defense customers.
 

Key Accountabilities

       Should have experience of 14 years in SOC and Security Eng.
       Managing a team of first responders, as part of a resolver group (or pod), you will ensure the Customer’s operational and production environment remains secure and any threats are raised and addressed promptly. This can include monitoring at both the network and application level.
       Identification of a customer’s critical assets using technical tools and interviews.
       Use of, enhancement of, or implementation of new, relevant technology tooling to ensure a customer’s configuration and security policies are enforced.
       Use of threat intelligence platforms such as OSINT, to understand the latest threats. Researching and analysing the latest threats to better understand an adversary’s tactics, techniques, and procedures (TTPs).
       Automation of security processes and procedures to enhance and streamline monitoring capabilities.
       Ensure any reported vulnerabilities are resolved within agreed SLA timeframes.
       In-depth knowledge of each Rackspace customer’s environment.
       Providing relevant reporting and analysis (including breach root cause analysis, if required) to customers, on an agreed frequency.
       Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security etc.
       May be required to work flexible working hours.
       Critical Incident Handling & Closure and Deep investigation and analysis of critical security incidents.
       Post-breach forensic incident analysis reporting and Advanced threat hunting.
       Assist with customer onboarding – loading of feeds, etc. to Sentinel. 
       Develop custom dashboards and reporting templates and Develop complex to customer-specific use cases.
       Advanced platform administration and Solution recommendations for issues.
       Co-ordinate with different teams for issue resolution
 
Skills & Experience

       Experience of managing a team of Security Operations Engineers, or equivalent.
       Experience of working in large-scale, public cloud environments and using cloud-native security monitoring tools such as: -  Azure Security Centre and Sentinel o GCP Security Command Centre, Chronical.
o   AWS Security Hub including AWS Guard Duty, AWS Macie, AWS Config, AWS Security Lake and AWS CloudTrail
o   Vulnerability Management: Qualys, Microsoft Defender.
o   Endpoint Management: CrowdStrike and Microsoft  Defender for Point.
       Knowledge of security standards (good practice) such as NIST, ISO27001, CIS, OWASP and Cloud Controls Matrix (CCM) etc.
       Experience of security controls, such as network access controls; identity, authentication and access management controls (IAAM); and intrusion detection and prevention controls. 
       Adept at analysing malware and email headers, and has skills in network security, intrusion detection and prevention systems; operating systems; risk identification and analysis; threat identification and analysis and log analysis. 
       Computer science, engineering or information technology related degree (although not a strict requirement) 
       Holds one, or more, of the following certificates (or equivalent): - o Certified Information Security Systems Professional (CISSP) o Systems Security Certified Practitioner (SSCP) o Certified Cloud Security Professional (CCSP)
o   GIAC Certified Incident Handler (GCIH) o GIAC Security Operations Certified (GSOC)
       A highly self-motivated and proactive individual who wants to learn and grow and has an attention to detail.
       A great analyser, trouble-shooter and problem solver who understands security operations, programming languages and security architecture.
       Highly organized and detail oriented. Ability to prioritise, multitask and work under pressure.
       An individual who shows a willingness to go above and beyond in delighting the customer.
       A good communicator who can explain security concepts to both technical and nontechnical audiences. 
About Rackspace Technology
We are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future.
 
 
More on Rackspace Technology
Though we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.
About Rackspace Technology
We are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future.
 
 
More on Rackspace Technology
Though we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.
undefined

Similar Jobs

Axinous - Principal Software Engineer - API Tooling & Frameworks

Axinous

San Jose, California, United States (Hybrid)
4 Months ago
PwC - Senior Security Engineers (Entra ID/AD)

PwC

Sofia, Sofia City Province, Bulgaria (On-Site)
6 Months ago
Britive - SENIOR SOFTWARE ENGINEER

Britive

San Francisco, California, United States (Remote)
4 Months ago
Axinous - Staff BSA - ServiceNow

Axinous

California, United States (Remote)
3 Weeks ago
Forescout Technologies  Inc  - Professional Services Engineer

Forescout Technologies Inc

United States (Hybrid)
4 Months ago
PwC - Internship program - Cybersecurity and Privacy

PwC

Bangkok, Bangkok, Thailand (On-Site)
6 Months ago
Postman - Senior Security Engineer, Detection & Response

Postman

Bengaluru, Karnataka, India (On-Site)
5 Months ago
PwC - Manager - Assurance - IT Audit

PwC

Jakarta, Jakarta, Indonesia (On-Site)
6 Months ago
PwC - IT Audit Trainee

PwC

Makati, Metro Manila, Philippines (On-Site)
6 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Saviynt - Account Executive

Saviynt

Kansas City, Kansas, United States (Remote)
5 Months ago
ByteDance - Security Engineer (Penetration Tester) - 2025 Start

ByteDance

Singapore (On-Site)
5 Months ago
Normalyze - Lead DevOps Engineer - Enterprise Cybersecurity - SaaS - Bay Area, CA

Normalyze

California, United States (Remote)
5 Months ago
Auros Global - Senior Site Reliability Engineer

Auros Global

United Kingdom (Remote)
2 Weeks ago
ION - Senior DevSecOps Engineer, Italy

ION

Milan, Lombardy, Italy (On-Site)
5 Months ago
Fortis Games - Senior DevOps Engineer

Fortis Games

Canada (On-Site)
2 Months ago
Granicus - Sr. DevOps Engineer

Granicus

Bengaluru, Karnataka, India (Hybrid)
5 Months ago
Saviynt - Sr. Principal Software Engineer - Privileged Access Management (PAM)

Saviynt

El Segundo, California, United States (Hybrid)
5 Months ago
Rackspace Technology - SOC Analyst L3 (Sentinel is mandatory) - R-19060

Rackspace Technology

Gurugram, Haryana, India (Hybrid)
5 Months ago

Get notifed when new similar jobs are uploaded

Jobs in India

Nielsen Holdings - Big Data Engineer - (MTS 2 / MTS 3)

Nielsen Holdings

Bengaluru, Karnataka, India (Hybrid)
5 Months ago
PwC - IN-Specialist 3_Energy Regulatory_Utility Transformation_Advisory

PwC

Mumbai, Maharashtra, India (On-Site)
2 Months ago
CloudHire - UI/UX Designer

CloudHire

India (Remote)
1 Week ago
EXUSIA - Data Governance Specialist - Collibra

EXUSIA

India (Remote)
5 Months ago
GoTo Group - Lead Software Engineer - Engineering Platform

GoTo Group

Bengaluru, Karnataka, India (On-Site)
4 Months ago
CynLr - Content Manager

CynLr

Bengaluru, Karnataka, India (On-Site)
7 Months ago
PwC - IN_Manager_ Agile Coach_Advisory Corporate_Advisory_Bangalore

PwC

Bengaluru, Karnataka, India (On-Site)
5 Months ago
Hashlist - Senior Data Engineer

Hashlist

Pune, Maharashtra, India (Hybrid)
4 Months ago
PwC - Senior Associate_Hadoop Developer_Advisory Corporate_Advisory_Bangalore Millenia

PwC

Bengaluru, Karnataka, India (On-Site)
6 Months ago
Omnissa - C++ & iOS - Senior MTS & Member of Technical Staff - III

Omnissa

Bengaluru, Karnataka, India (Hybrid)
6 Months ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

PwC - IN-Senior Associate__SAP GRC_ITRA_Advisory_  Gurgaon/Mumbai/Bangalore

PwC

Gurugram, Haryana, India (On-Site)
5 Months ago
PwC - IN_Associate_SmartCitiesGIS _Cities_Advisory_Ahmedabad

PwC

Ahmedabad, Gujarat, India (On-Site)
4 Months ago
ByteDance - Technical Account Manager (Edge Cloud)

ByteDance

Boston, Massachusetts, United States (On-Site)
6 Days ago
ION - Markets Governance, Risk and Controls Manager

ION

India (On-Site)
5 Months ago
Epic Games - Senior Vulnerability Manager

Epic Games

(On-Site)
6 Days ago
PwC - Senior Associate - Risk Performance, Governance and Controls (RPGC)

PwC

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
5 Months ago
Crunchyroll - Principal Technical Product Manager - Application Security

Crunchyroll

Los Angeles, California, United States (On-Site)
3 Weeks ago
PwC - Penetration Tester

PwC

Rome, Lazio, Italy (On-Site)
6 Months ago
Redhorse Corp - Industrial Security Policy SME

Redhorse Corp

Arlington, Virginia, United States (On-Site)
4 Months ago
PwC - Auditeur des Systems d'Information

PwC

Douala, Littoral Region, Cameroon (On-Site)
6 Months ago

Get notifed when new similar jobs are uploaded

About The Company

England, United Kingdom (Remote)

United States (Remote)

Vietnam (Remote)

Vietnam (Remote)

Sacramento, California, United States (Remote)

New York, New York, United States (Remote)

Los Angeles, California, United States (Remote)

Gurugram, Haryana, India (Remote)

View All Jobs

Get notified when new jobs are added by Rackspace Technology

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug