Job Description
At ITecSys Technologies, we have spent over 15 years protecting enterprise clients across healthcare and financial services in India and the United States. Our Security Operations Centre runs 24x7, and as we scale our cybersecurity practice, we are looking for a seasoned Principal SOC Engineer to lead our technical operations, own critical incident response, and shape how our SOC evolves.
About the Role
This is a hands-on leadership position. You will lead and mentor a team of L1 and L2 analysts, serve as the primary escalation point for complex incidents, own end-to-end incident response for critical events, and act as the senior technical interface for enterprise clients. You will drive SIEM tuning, SOAR automation, and threat hunting across client environments — this role demands both deep technical expertise and the maturity to manage client relationships at a senior level.
Location: Bangalore (Hybrid)
Reports to: Head of Cybersecurity / CISO
Manages: L1 and L2 SOC Analysts
Experience: 8+ years in cybersecurity
Key Responsibilities
→ Lead, mentor, and develop a team of L1 and L2 SOC Analysts — set standards, drive SLA performance, build capability
→ Own end-to-end incident response for critical events — investigation, containment, eradication, recovery, and post-incident reporting
→ Serve as the primary escalation point for high-severity incidents and senior client contacts
→ Lead proactive threat hunting using MITRE ATT&CK-based methodologies across client environments
→ Oversee and optimise the full security stack — SIEM, EDR/XDR, SOAR, firewall, email security, and cloud security tooling
→ Drive continuous improvement of SOC processes, detection logic, playbooks, and automation
→ Communicate security posture and SLA performance to client stakeholders with clarity and confidence
Required Qualifications
→ 8+ years in cybersecurity with significant SOC operations and incident response leadership experience
→ Deep expertise in SIEM platforms — Splunk (SPL), Microsoft Sentinel (KQL), or IBM QRadar
→ Strong working knowledge of EDR/XDR (CrowdStrike, SentinelOne, Microsoft Defender), firewalls (Palo Alto, Fortinet), and IDS/IPS
→ Proven track record handling critical security incidents and leading technical teams under pressure
→ Experience in customer-facing or MSSP environments managing escalations and executive communications
→ B.E./B.Tech (CS/IT/ECE), MCA, or equivalent
Preferred Qualifications
→ CISSP, CISM, GCIA, GCIH, or GREM certification
→ SOAR experience — Palo Alto Networks Cortex XSOAR, Splunk SOAR, or equivalent, including playbook authoring
→ Cloud security exposure — AWS GuardDuty, Microsoft Defender for Cloud, or GCP Security Command Center
→ Scripting in Python or PowerShell for log parsing and automation
→ Working familiarity with ISO 27001, NIST CSF, HIPAA, or PCI-DSS in an operational context
Work Style & Culture Fit
We are looking for someone who leads from the front — technically credible, calm under pressure, and genuinely invested in the growth of their team. You set the standard for how incidents are handled, how clients are communicated with, and how the SOC improves over time.
This role comes with a clear path to SOC Manager and Head of Cybersecurity, with full support from ITecSys leadership to build the practice the right way.
How to Apply
Send your CV and a brief cover note to
Subject line: Principal SOC Engineer Application | [Your Name]
We especially welcome examples of threat hunting reports, post-incident reviews, or SOC improvement initiatives you have led. Shortlisted candidates will be contacted within 7 business days.
Selection process: CV Screening → Technical Assessment → Technical Interview → Leadership Interview → Offer