Lead Analyst – SOC

8-10 Years





Sacumen was born to address the pressing needs of Security Product Companies

SACUMEN works with cybersecurity product companies to develop security products, solutions, and connectors (aka 3rd-party integrations). We have worked with 50+ Security Product Companies (many of them Fortune 500 companies) such as AT&T, Symantec, Palo Alto Networks, Varonis, BigID (Israel), and Bitdefender.

We have won multiple awards for providing Product Engineering Services to cybersecurity product companies. SACUMEN has witnessed more than 100% year-on-year growth over the past few years.

What is in it for you?

  • Cyber security is one of the hottest fields. Working with us will not only transform you into a top tech member but also help you evolve into a cyber security expert.
  • You get to work on the full lifecycle of product and solution development (right from design to final deployment).
  • You will get the opportunity to work with the latest and varied tech stacks covering cloud infrastructure (AWS, Google Cloud, Azure), containerization (Docker, Kubernetes, etc.), cloud applications, DevOps, etc.
  • We expect you to take full ownership of your modules/projects. No micromanagement. You plan your own work and time, and you are given the flexibility to do so. We focus on output and outcome.
  • Performance-driven culture. Your growth is in your hands. You get opportunities to take up newer responsibilities and innovate.
  • Sacumen’s leave policies include a long-weekend policy that ensures you get one long weekend every month (around 7 additional leaves per year).

Job Description

  • Oversee all cyber security matters in support of Application, Cloud Infrastructure and IT Security, Incident Response and Threat Intel
  • Provide appropriate updates to management regarding security event handling, trends, analysis, incident response, and resolutions
  • Work closely with Security Leadership to identify and implement process changes, improvements, and efficiencies and ensure solid security practices
  • Continuously conduct research on current cyber trends, news, and breaches
  • Collaborate with other functions within the organization
  • Be an active member of our Architecture CoE team, providing thought leadership to our engineering teams
  • Serve as a leader and mentor for our CyberSec team
  • Ensure cybersecurity controls and services are configured with the correct posture to support business requirements based on Validus’s Cybersecurity Architecture framework
  • Participate in proof of concepts and other technical evaluations of cybersecurity technologies, designs, and solutions
  • Stay abreast of cybersecurity emerging technologies and proactively assess and evaluate the adoption into the organization
  • Lead technical discussions with business units and leadership to develop technical requirements and quickly assess security and compliance needs.
  • Promote and drive a DevSecOps culture.
  • Good understanding and hands-on experience with common security systems, including WAF, IPS/IDS, EDR, DLP, authentication systems, content filtering, etc.
  • Experience developing detection logic for enterprise SIEM systems, along with experience in exploitation techniques and use case development.
  • Experience in the detection of and response to malicious activity using log data and alerts from cybersecurity solutions, systems and network devices.
  • Coding experience in scripting and programming languages (such as Java, Bash, Python, PowerShell, etc.), used to integrate cybersecurity solutions and automate the protection, detection and response processes.
  • Experience supporting a Cybersecurity Architect framework through the development of procedural documentation (playbooks and runbooks).
  • Understanding of Amazon Web Services cloud environments, their security controls and the corresponding challenges.
  • Understanding of microservices architectures and distributed platforms, especially in SaaS businesses
  • Understanding of global frameworks and standards like NIST, ISO 27001/27002/27017/27018, GDPR, etc.
  • Implementing and maintaining ISO 27001 framework requirements to ensure adequate security levels


  • Minimum 8 years of working experience in Cyber Security Operations
  • Conduct extensive VAPT drills
  • Must have any one of the following certifications: CISA / CISM / CISSP / OSCP
  • Conduct extensive application security assessments, using tools like SonarQube and Burp Suite
  • Experience providing security for cloud infrastructure and applications
  • Solid understanding of top industry cyber security frameworks, such as MITRE ATT&CK and NIST Cyber Framework
  • Set up and manage a Security Operations Center (SOC)


Sacumen at a Glance

Sacumen specializes in working with Security Product Companies. We are working with 50+ Security Product Companies such as Symantec, Palo Alto Networks, Varonis, AlienVault, IBM, CA Technologies, ThreatConnect, SecurityScorecard, ForgeRock, Code42, Flashpoint, etc., in the areas of Connector Development, Connector Support and Product Engineering.

We have built 750+ Connectors in the areas of SIEM, IAM, Ticketing Systems, Incident Response, Cloud Applications, Cloud Monitoring, Threat Intelligence Feed, Endpoint Security, Cloud Storage, GRC, Vulnerability Management, Authentication, etc.