Manager - Captive Operations

Job Description

Purpose of Your Role -

The Service Delivery Specialist plays a critical role in the onboarding and deployment of Cloud SOC solutions and on-prem SIEM and SOAR deployments, leading the end-to-end technical implementation of SIEM, SOAR, and UEBA platforms. This role demands deep hands-on experience with complex log source integrations, parser and connector development, distributed architecture design, and custom threat detection content, including MITRE ATT&CK mapping, UEBA and cross-correlation.

Responsible for executing multiple projects concurrently, including one large-scale enterprise deployment, one medium-sized rollout, and two smaller implementations across various industries and cloud environments. The focus is purely technical, with no management or administrative responsibilities, though the role is expected to provide solution clarity and technical guidance to junior engineers where necessary.

Summary of the role -

·       Work on technical onboarding and solution deployment for new and existing SOC customers across cloud and on-prem enterprise environments.

·       Deployment of distributed SIEM architectures optimized for performance, scalability, and security across hybrid/cloud setups.

·       Develop custom API connectors, device onboarding, and API integrations with security tools, business apps, and custom sources.

·       Engineer custom parsers for non-standard log formats using regex, JSON/XML handling, or scripted normalization.

·       Implement MITRE ATT&CK-aligned use cases, detection rules, and dashboards tailored to specific customer threat models.

·       Build and manage SOAR playbooks for automated triage, enrichment, ticketing, and containment actions.

·       Configure UEBA models to detect user/entity anomalies including data exfiltration, lateral movement, and privilege misuse.

·       Perform complex troubleshooting of ingestion errors, correlation mismatches, parsing issues, and automation issues.

·       Work on 3 to 4 concurrent implementation projects, balancing timelines and quality:

o   1 large enterprise deployment (less than 20,000 EPS)

o   1 mid-size organization with moderate complexity (less than 5,000 EPS)

o   2 smaller projects (less than 2,000 EPS)

·       Support technical workshops, solution design sessions, and validation testing without owning project or team management.

·       Provide technical support to junior team members on scripting, content logic, parser validation, and integration flow.

·       Prepare runbooks, HLDs, LLDs, implementation documents and other technical project documents.

·       Ensure a smooth HOTO (handover/takeover) process and customer sign-off.

·       Take complete ownership of technical deliverables as per scope.

Academic/Certifications/Soft skills -

·       Bachelor's degree in computer science or a related IT field.

·       8+ years of relevant work experience with a leading MSSP, OEM partner, and/or IT security experience in SIEM, SOC, SOAR and UEBA implementation.

·       Professional OEM certifications.

·       CISM, CEH, etc.

·       CSP security certifications: GCP, AWS and Azure.

·       Possess an impeccable work ethic and a high degree of integrity.

·       Effective Communication - Capable of clearly conveying technical concepts to both technical and non-technical stakeholders, including documentation and presentations.

·       Adaptability - Quickly adjusts to changing priorities, new technologies, and evolving threat landscapes in fast-paced environments.

·       Problem-Solving Attitude - Demonstrates a proactive and solution-oriented mindset when addressing challenges during implementation or operations.

·       Collaboration - Works well with cross-functional teams and customers to drive successful project outcomes.

Experience -

·      Experienced in deploying and managing LR SIEM platforms.

·      Proficient in configuring and customizing SOAR tools.

·      Skilled in implementing UEBA solutions.

·      Adept in scripting with Python, Bash, and PowerShell for automation and parser development.

·      Well-versed in designing distributed SIEM architectures across cloud, hybrid, and on-prem environments.

·      Proficient in onboarding log sources from cloud services (AWS, GCP, Azure) and enterprise tools.

·      Experienced in building and managing SOAR playbooks for automated incident response workflows.

·      Capable of configuring UEBA models to detect insider threats, behavioral anomalies, and lateral movement.

·      Strong troubleshooting skills across log ingestion, parsing, enrichment, correlation, and automation layers.

·      Experienced in creating detailed runbooks, HLDs, LLDs, and implementation documentation.

·       Strong expertise in parsing and data normalization using regex, JSON and XML.

·       Hands-on experience in custom API integrations using REST APIs, OAuth2, and webhooks.

·       Capable of integrating log sources via Syslog, Kafka, Pub/Sub, Fluent, and HTTP/S protocols.

·       Skilled in developing MITRE ATT&CK-aligned detection rules, correlation logic, and threat content.

·       Familiar with security and compliance frameworks including MITRE ATT&CK, NIST, CIS, PCI-DSS, HIPAA, ISO 27001 and STIX/TAXII.

Tata Communications Redefines Connectivity with Innovation and Intelligence. Driving the next level of intelligence powered by Cloud, Mobility, Internet of Things, Collaboration, Security, Media services and Network services, we at Tata Communications are envisaging a New World of Communications.

Information:

  • Company : Tata Communication
  • Position : Manager - Captive Operations
  • Location : Jaipur, Rājasthān
  • Country : IN

Post Date : 2025-06-11 | Expired Date : 2025-07-11