SOC Lead Engineer

Metro Global Solution Center (MGSC) is internal solution partner for METRO, a €30.5 Billion international wholesaler with operations in 31 countries through 625 stores & a team of 93,000 people globally. Metro operates in a further 10 countries with its Food Service Distribution (FSD) business and it is thus active in a total of 34 countries.

MGSC, location wise is present in Pune (India), Düsseldorf (Germany) and Szczecin (Poland). We provide Finance, HR, IT & Business operations support to 31 countries, speak 24+ languages and process over 18,000 transactions a day. We are setting tomorrow’s standards for customer focus, digital solutions, and sustainable business models. For over 12 years, we have been providing services and solutions from our two locations in Pune and Szczecin. This has allowed us to gain extensive experience in how we can best serve our internal customers with high quality and passion. We believe that we can add value, drive efficiency, and satisfy our customers.

Website: https://www.metro-gsc.in

Company Size: 600-650

Headquarters: Pune, Maharashtra, India

Type: Privately Held

Inception:  2011

●Configure, deploy, maintain and constantly enhance security technologies such as SIEM/SOAR (Google Chronicle), EDR/EPP(Crowdstrike), and other security-related solutions.

●Support in leveraging Google Chronicle SOAR capabilities by designing and implementing SOAR playbooks, including necessary integration and automation.

●Develop and fine tune content for the different tools including but not limited to SIEM Use Cases, SOAR playbooks, Threat intelligence watchlist and rules.

●Select and recommend additional security solutions or enhance existing security solutions to improve overall METRO detection and response capabilities as per the METRO cyber security strategy.

●Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through SOC controls.

●Generate reports and documentation related to platform performance and continuous improvement recommendations for management and stakeholders.

Technical & Soft Skills:

●In-depth knowledge and hands-on experience with SOC technologies and tools such as Google Chronicle SIEM, CrowdStrike EDR/EPP, Vectra NDR, Recorded Future TI, etc.

●Strong knowledge and skills in scripting, and development of automation and orchestration code.

●Strong hands-on experience with various operating systems, networking protocols, and application architectures.

●In-depth Knowledge of industry standards and frameworks such as MITRE ATT&CK, Magma Framework, NIST, ISO 27001, etc.

●Familiarity security operations center (SOC) operations, incident response, threat detection, and vulnerability management.

●Excellent communication and interpersonal skills to effectively collaborate with clients, stakeholders, and internal teams.

●Analytical and problem-solving skills to identify and troubleshoot SOC platform technical issues.

●Ability to adapt to changing security threats and evolving business requirements.

●Strong organizational and time management skills with the ability to coordinate and prioritize multiple tasks simultaneously.

●Ability to work under pressure, especially during critical security incidents.

●Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. A Master's degree or relevant certifications (e.g., Comptia Security+, SANS/GIAC) may be preferred.

• Experience 7+ years.