SOC Lead (Sentinel exp is must) , Security Operations

Rackspace Cyber Defense

Security Lead, Security Operations

Shift Timings: 1 pm to 10 pm IST

Rackspace Cyber Defence is our next-generation cyber defense and security operations capability that builds on 20+ years of securing customer environments to deliver proactive, risk-based, threat-informed, and intelligence-driven security services.

To enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud, and multi-cloud workloads.

To go beyond traditional security controls and deliver cloud-native, DevOps-centric, fully integrated 24x7x365 cyber defense capabilities that provide a proactive, threat-informed, risk-based, intelligence-driven approach to detecting and responding to threats.

We aim to help our customers:

• Proactively detect and respond to cyber-attacks – 24x7x365.
• Defend against new and emerging risks impacting their business.
• Reduce attack surface across various cloud environments.
• Minimize exposure to risks affecting identity and brand.
• Develop operational resilience.
• Maintain compliance with legal, regulatory, and other obligations.

We seek a Security Lead for Security Operations to support our success and deliver a fanatical experience to our customers. The ideal candidate is self-starting, experienced, motivated, commercially aware, service-oriented, and has a proven track record in managing a Security Operations Center (SOC).

The Security Lead will represent Rackspace’s security services and oversee a multi-disciplinary SOC team serving our customers.

• Minimum 12 years of experience in SOC and security engineering.
• Manage a team of first responders ensuring security of customer environments and prompt threat response.
• Identify critical assets using technical tools and interviews.
• Implement or enhance security tooling to enforce security policies.
• Utilize threat intelligence platforms like OSINT to understand threats and adversary TTPs.
• Automate security processes to improve monitoring capabilities.
• Ensure vulnerabilities are resolved within SLA.
• Deep understanding of each customer’s environment.
• Provide regular reports and breach analysis to customers.
• Collaborate with incident response, disaster recovery, and other teams.
• Work flexible hours as needed.
• Handle critical incidents and conduct forensic analysis.
• Support customer onboarding and develop dashboards and use cases.
• Manage platform administration and recommend solutions for issues.
• Coordinate with teams for issue resolution.

• Experience managing a team of Security Operations Engineers or similar roles.
• Experience with cloud-native security tools: Azure Security Centre, Sentinel, GCP Security Command Centre, Chronical, AWS Security Hub, AWS Guard Duty, AWS Macie, AWS Config, AWS Security Lake, AWS CloudTrail, Qualys, Microsoft Defender, CrowdStrike.
• Knowledge of security standards like NIST, ISO27001, CIS, OWASP, CCM.
• Understanding of security controls: network access, IAM, IDS/IPS.
• Skills in malware analysis, network security, intrusion detection, log analysis.
• Degree in computer science, engineering, or IT (preferred but not mandatory).
• Certifications such as CISSP, SSCP, CCSP, GCIH, GSOC or equivalent.
• Self-motivated, proactive, detail-oriented, and organized.
• Excellent communicator, able to explain security concepts clearly.

We are multicloud solutions experts, combining top technologies to deliver end-to-end solutions, advising, designing, building, managing, and optimizing cloud solutions. Recognized as a great place to work, we attract world-class talent committed to innovation and service excellence.

We celebrate diversity and encourage unique perspectives, fostering an inclusive environment where everyone can thrive. We are committed to equal employment opportunities and accommodations for disabilities or special needs.