This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a MDR Team Lead based in India.
This role offers the opportunity to lead cybersecurity operations and protect organizations through advanced Managed Detection and Response services.
You will guide security analysts, oversee incident investigations, and ensure high-quality threat detection and response outcomes.
The position combines technical expertise, team leadership, operational management, and customer-focused security delivery.
You will work with security professionals to improve investigation processes, strengthen detection capabilities, and respond to evolving cyber threats.
Your leadership will directly contribute to enhancing security resilience, operational excellence, and customer trust.
This is an ideal opportunity for an experienced cybersecurity professional who enjoys mentoring teams and solving complex security challenges in a global environment.
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a MDR Team Lead based in India.
This role offers the opportunity to lead cybersecurity operations and protect organizations through advanced Managed Detection and Response services.
You will guide security analysts, oversee incident investigations, and ensure high-quality threat detection and response outcomes.
The position combines technical expertise, team leadership, operational management, and customer-focused security delivery.
You will work with security professionals to improve investigation processes, strengthen detection capabilities, and respond to evolving cyber threats.
Your leadership will directly contribute to enhancing security resilience, operational excellence, and customer trust.
This is an ideal opportunity for an experienced cybersecurity professional who enjoys mentoring teams and solving complex security challenges in a global environment.
Accountabilities:
- Lead daily MDR operations by managing case queues, analyst workloads, SLA performance, escalations, and resource allocation to ensure consistent service delivery.
- Oversee and guide security investigations, validating findings, assessing business impact, recommending response actions, and ensuring appropriate escalation management.
- Act as a key point of contact during customer and internal escalations by providing clear updates, risk assessments, recommendations, and resolution plans.
- Coach, mentor, and develop MDR analysts through case reviews, technical guidance, performance feedback, and knowledge sharing.
- Conduct quality assessments of investigations, documentation, customer communications, and operational processes to drive continuous improvement.
- Analyze operational metrics and dashboards to identify trends, risks, capacity challenges, and opportunities to improve service quality.
- Develop and maintain SOPs, playbooks, workflows, and knowledge resources to improve operational consistency and readiness.
- Provide technical leadership in intrusion analysis, incident response, digital forensics, malware investigations, and threat hunting activities.
- Lead response efforts during major security incidents, ensuring effective coordination, decision-making, and resolution ownership.
- Stay updated on threat actor tactics, techniques, and procedures (TTPs) to enhance detection and response capabilities.
- Collaborate with Engineering, Research, and Security Content teams to improve detection accuracy, reduce false positives, and address recurring investigation challenges.
- Up to 12 years of total professional experience.
- Minimum 5 years of cybersecurity experience, including 2–3 years leading, mentoring, or coordinating analysts in a SOC, MDR, Incident Response, or similar environment.
- Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field, or equivalent practical experience.
- Hands-on experience with security operations, threat detection, incident investigation, and response processes.
- Strong knowledge of endpoint and network security technologies, including IDS/IPS, EDR, ATP, malware protection, and monitoring platforms.
- Experience with threat hunting methodologies and familiarity with the MITRE ATT&CK framework is preferred.
- Understanding of adversary tactics, cyber threat intelligence, and incident response frameworks.
- Strong technical expertise in Windows environments, including host artifacts, endpoint telemetry, event log analysis, and operating system security events; knowledge of macOS and Linux is a plus.
- Solid understanding of networking concepts including TCP/IP, routing, switching, and traffic analysis.
- Experience with SIEM platforms, enterprise security data management, and security data querying.
- Working knowledge of PowerShell and Python for automation and investigation support.
- Strong analytical, troubleshooting, prioritization, and decision-making skills in high-pressure environments.
- Excellent written and verbal communication skills, including the ability to create clear reports, case summaries, operational updates, and executive-level communications.
- Experience performing quality reviews and providing actionable feedback to improve analyst performance.
- Proven ability to build team capability through coaching, onboarding, training, and knowledge sharing.
- Strong stakeholder management and customer-facing skills, with the ability to explain technical findings and recommendations to diverse audiences.
- Advanced cybersecurity certifications are preferred but not mandatory.
- Remote-first work model with flexibility depending on role requirements.
- Opportunity to work on advanced cybersecurity solutions protecting organizations worldwide.
- Collaborative environment with experienced security professionals and global teams.
- Employee-led diversity and inclusion communities that encourage connection and learning.
- Volunteer opportunities and initiatives supporting local communities.
- Sustainability programs focused on reducing environmental impact.
- Global fitness, wellness, and engagement activities.
- Wellbeing days, webinars, and resources supporting employee health and balance.
- Continuous learning and professional development opportunities.
- Inclusive workplace culture focused on innovation, collaboration, and personal growth.