Team Lead - Information Security
Company: Medline India
Location: Pune, Maharashtra, India
Overview: The Team Lead - Information Security ensures the efficient execution of security operations by driving proactive incident management and strategic security initiatives. This role demands strong technical expertise and analytical thinking to enhance security posture and operational efficiency.
Key Responsibilities:
- Lead the classification, documentation, and resolution of security incidents.
- Analyze, assign, and escalate high-complexity security issues as needed.
- Establish incident response protocols and ensure adherence to response timelines.
- Investigate complex security issues, determine root causes, and implement preventive measures.
- Collaborate with third-party vendors and escalate unresolved security incidents.
- Conduct vulnerability assessments and evaluate security risks.
- Enhance existing security controls and recommend risk mitigation strategies.
- Provide regular updates on security incidents, mitigation actions, and operational improvements.
- Develop executive-level security reports and presentations.
- Provide guidance on security tool optimization and integration into the organization’s security framework.
- Lead security incident investigations and provide strategic recommendations.
- Work with IT, compliance, and security teams to integrate security solutions into business operations, and lead the coordination of security initiatives across departments.
- Provide technical guidance and mentorship to security analysts and team members.
- Foster a culture of continuous learning and development within the team.
- Stay updated on emerging cybersecurity threats, trends, and best practices.
- Recommend and implement security enhancements based on evolving threat landscapes.
Required Skills and Experience:
- 6-8 years of experience in security operations, incident response, and risk management.
- Hands-on experience with SIEM and security analytics platforms such as CrowdStrike, Microsoft Sentinel, Splunk, QRadar, or LogRhythm.
- Expertise in EDR tools, Email Security tools, and forensic network analysis.
- Strong background in SOC operations, including triage, alert investigation, and incident qualification.
- In-depth knowledge of security technologies: DLP, IDS/IPS, Email Security, SWG/Proxy, CASB, CSPM, SASE, SSE, and SIEM.
- Experience with cloud security solutions and platforms such as AWS, Azure, or Google Cloud Platform.
- Proficiency in operating system security for Windows, macOS, and Linux distributions.
- Strong problem-solving skills with the ability to analyze and resolve complex security issues.
- Strong expertise in ITIL and Change Management.
- Strong technical knowledge of SIEM, EDR, Incident Response, and Email Security tooling (e.g., Proofpoint, FireEye, CrowdStrike).
- Ability to optimize SOC operations and security workflows.
- Excellent communication and collaboration skills.
- Proficiency in MS Office for reporting and documentation.
- Relevant certifications (e.g., CS, Threat Hunting) or equivalent technical certifications.
Qualifications: Bachelor's degree in Computer Science, Information Security, Electronics & Communication, or a related field, and 8+ years of experience in managing and operating security solutions in enterprise environments.