Associate General Manager – Security Operations & Incident Response

Job Title: Associate General Manager Security Operations & Incident Response

Location: India - Ahmedabad

Reporting to: Head Digital Forensics and Incident Response

Department: Cybersecurity Services Digital Forensics and Incident Response

Qualifications & Certifications:

• Bachelors or Masters in Cybersecurity, Computer Science, or Engineering
• Preferred certifications: CISSP, CISM, GCIA, GCIH, or SOC-related credentials
• 12 + years of cybersecurity experience, with at least 6 years in SOC/IR leadership roles
• Experience managing global SOC operations or OT-specific cyber operations is a strong plus

Role Overview:

The Associate General Manager Security Operations & Incident Response will be responsible for orchestrating enterprise-wide incident response strategies across both OT and IT environments. The role demands deep operational expertise, the ability to coordinate with threat intelligence, forensics, red/blue teams, and the vision to continuously evolve detection and response capabilities in line with emerging threats. The role demands leadership in defending critical infrastructure, industrial networks, and enterprise systems.

Key Responsibilities:

• Oversee real-time incident handling, escalation management, and response coordination for cyber threats, breaches, and anomalies
• Act as the primary escalation point during high-severity incidents, ensuring containment and rapid resolution
• Design and maintain incident response runbooks, playbooks, SLA matrices, and crisis communication protocols
• Lead and manage triage activities
• Ensure tight integration between SOC operations, threat intelligence, DFIR, and red/blue teams
• Drive detection engineering efforts to improve alert quality, correlation logic, and MITRE ATT&CK mapping
• Implement continuous improvement programs in MTTR, false positive reduction, and analyst productivity
• Lead post-incident RCA reviews, reporting, and feedback loops to enhance readiness
• Manage relationships with OEMs, MSSPs, and security product vendors for technology alignment
• Mentor SOC managers, team leads, and analysts to build a resilient and responsive operations team
• Ensure compliance with security and privacy standards (e.g., NIST, IEC 62443, ISO 27001, DPDP Act)

Key Skills & Technologies:

• Deep expertise in SIEM (e.g., Splunk, QRadar, LogRhythm, SentinelOne), SOAR platforms, EDR/XDR tools, threat intelligence platforms
• Strong knowledge of network security, log analysis, endpoint telemetry, and OT-specific telemetry correlation
• Familiarity with MITRE ATT&CK, cyber kill chain, and threat hunting techniques
• Knowledge of OT security architectures including SCADA, PLCs, DCS, and OT network segmentation
• Scripting and automation exposure (Python, PowerShell, Bash) preferred
• Familiarity with OT SOC environments, ICS protocol detection (Modbus, DNP3), and industrial anomaly detection tools (e.g., Nozomi, Claroty)

Leadership & Personality Traits:

• Strategic thinker with an operations-first mindset and execution rigor
• Calm, decisive, and clear-headed in crisis and high-pressure scenarios
• Strong stakeholder engagement and communication skills across technical and executive levels
• Proven ability to lead multi-location teams with cultural sensitivity and high performance
• Continuous learner with a growth mindset and passion for cybersecurity excellence

Preferred Industry Background:

• Large industrial conglomerates (Power, Ports, Renewables, Mining, Airports)
• OT and IT OEMs
• MSSPs, SOC service providers
• Consulting firms with cyber defence practices (e.g., Big 4)

Kindly email your CV to Mansi.Namdev1@adani.com