Cybersecurity Senior SOC Analyst

Posted 7 Days Ago
Be an Early Applicant
Mumbai, Maharashtra, IND
In-Office
Senior level
Software • Financial Services
The Role
Monitor, triage, and investigate security alerts across SIEM, EDR, email security, DLP and brand protection. Lead incident response and forensics, tune detections and EDR/DLP policies, perform threat hunting, develop SOC playbooks, mentor junior analysts, and coordinate remediation with IT, cloud, and business teams. Support onboarding and continuous improvement of security technologies; work shift-based schedule with occasional weekends.
Summary Generated by Built In
Reporting To:Associate Manager, SOC

Shift:APAC (7:00 am - 4:00 pm IST) (India)About Russell Investments, Mumbai: 

Russell Investments is a leading outsourced financial partner and global investment solutions firm providing a wide range of investment capabilities to institutional investors, financial intermediaries, and individual investors around the world. Building on an 90-year legacy of continuous innovation to deliver exceptional value to clients, Russell Investments works every day to improve the financial security of its clients. The firm is “Top 12 Ranked Consultant (2009-2024)” in P&I survey 2024 with $962 billion in assets under advisement (as of December 31, 2025) and $376.9 billion in assets under management (as of December 31, 2025) for clients in 30 countries. Headquartered in Seattle, Washington in the United States, Russell Investments has offices around the world, including London, New York, Toronto, Sydney, Tokyo, Shanghai – and has opened a new office in Mumbai, India in June 2023.

Joining the Mumbai office is an incredible opportunity to work closely with global stakeholders to support the technology and infrastructure that drives the investment and trading processes of a globally recognized asset management firm. Be part of the team based out of Goregaon (East) and contribute to the foundation and culture of the firm’s growing operations in India. The Mumbai office operates with varying shifts to accommodate time zones around the world.

For more information, please visit https://www.russellinvestments.com.


Job Description:

Minimum 5+ years of experience in Security Operations Center (SOC) or Cybersecurity Operations.

  • Monitor, triage, and investigate security alerts across SIEM, EDR, Email Security, DLP, Brand Protection, and other security platforms, ensuring timely identification and response to security incidents.

  • Perform advanced analysis of security events by correlating logs, alerts, endpoint telemetry, and threat intelligence to determine the scope, root cause, and business impact of incidents.

  • Lead incident response activities, including containment, eradication, recovery, forensic evidence collection, and post-incident reviews, in accordance with established playbooks and SLAs.

  • Investigate complex security incidents such as phishing, malware, insider threats, compromised accounts, data exfiltration, and advanced persistent threats (APTs), escalating when required.

  • Tune and optimize SIEM use cases, detection rules, EDR policies, and DLP controls to improve detection accuracy, reduce false positives, and enhance SOC effectiveness.

  • Support the onboarding, operationalization, and continuous improvement of new security technologies, ensuring monitoring use cases, documentation, and operational readiness are established.

  • Participate in proactive threat hunting activities using threat intelligence, behavioral analytics, and endpoint telemetry to identify emerging threats and improve detection coverage.

  • Develop, maintain, and enhance SOC playbooks, runbooks, investigation procedures, and knowledge articles to improve operational efficiency and consistency.

  • Mentor and provide technical guidance to junior SOC analysts, assisting with complex investigations, knowledge sharing, and skill development.

  • Collaborate with IT, Cloud, Infrastructure, Application, and Business teams to coordinate incident response, drive remediation efforts, and continuously improve the organization's security posture.

Candidate Requirements Due to the nature of 24x7 SOC monitoring requirements, this position requires, subject to compliance with applicable laws, occasional weekend work and alternate shifts as needed to ensure adequate coverage and meet the demands of our operations.

Role Requirement

  • Strong experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar).

  • Experience with Endpoint Detection & Response (e.g., Microsoft Defender for Endpoint, CrowdStrike, SentinelOne).

  • Experience investigating phishing, email threats, and Business Email Compromise.

  • Hands-on experience with Data Loss Prevention technologies.

  • Experience with Brand Protection platforms and external threat monitoring.

  • Understanding of Windows, Linux, Active Directory, Microsoft 365, Azure/AWS security fundamentals.

  • Knowledge of networking concepts, TCP/IP, DNS, HTTP/S, VPN, and firewalls.

  • Familiarity with MITRE ATT&CK, Cyber Kill Chain, and common attack techniques.

  • Familiarity with industry standards and frameworks, such as NIST Cybersecurity Framework and ISO 27001.

Skills Required

  • Minimum 5+ years of experience in Security Operations Center (SOC) or Cybersecurity Operations
  • Experience with SIEM platforms (Splunk, Microsoft Sentinel, QRadar)
  • Experience with Endpoint Detection & Response (Microsoft Defender for Endpoint, CrowdStrike, SentinelOne)
  • Experience investigating phishing, email threats, and Business Email Compromise
  • Hands-on experience with Data Loss Prevention (DLP) technologies
  • Experience with Brand Protection platforms and external threat monitoring
  • Understanding of Windows, Linux, Active Directory, Microsoft 365, and Azure/AWS security fundamentals
  • Knowledge of networking concepts: TCP/IP, DNS, HTTP/S, VPN, and firewalls
  • Familiarity with MITRE ATT&CK and Cyber Kill Chain frameworks
  • Familiarity with industry standards/frameworks such as NIST Cybersecurity Framework and ISO 27001
  • Experience leading incident response: containment, eradication, recovery, forensics, and post-incident reviews
  • Experience with threat hunting using telemetry and threat intelligence
  • Ability to tune SIEM use cases, detection rules, EDR policies, and reduce false positives
  • Mentoring and providing technical guidance to junior SOC analysts
  • Willingness to work APAC shift schedule with occasional weekend work and alternate shifts

Russell Investments Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Russell Investments and has not been reviewed or approved by Russell Investments.

  • Leave & Time Off Breadth Time off starts at 20 days of vacation in year one (rising to 25 after four years) plus 10 paid holidays and nine sick days, which provides substantial leave coverage. Backup childcare and other leave supports add practical flexibility for life events.
  • Retirement Support A 401(k) company match up to 5% of eligible base salary, alongside access to select Russell Investments funds, offers a meaningful foundation for long‑term savings. This structure provides clear, predictable retirement support.
  • Wellbeing & Lifestyle Benefits Comprehensive medical coverage, employer HSA contributions, a Lifestyle Spending Account, and Modern Health access (10 counseling and 10 coaching sessions per year) strengthen overall wellbeing. These elements enhance total‑compensation value beyond base pay.

Russell Investments Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Seattle, WA
1,951 Employees

What We Do

Russell Investments is a leading outsourced CIO (OCIO) partner and global investment solutions firm providing a wide range of investment capabilities to institutional investors, financial intermediaries, and individual investors around the world. Building on an 87-year legacy of continuous innovation to deliver exceptional value to clients, Russell Investments works every day to improve the financial security of its clients. The firm is the world’s sixth-largest investment adviser, with $1 trillion in assets under advisement (as of June 30, 2022) and $288.3 billion in assets under management (as of March 31, 2023) for clients in 32 countries. Headquartered in Seattle, Washington, Russell Investments has offices in 19 cities around the world, including London, New York, Toronto, Sydney, Tokyo, and Shanghai.

Similar Jobs

Mondelēz International Logo Mondelēz International

EOP o9 IBP configurator

Big Data • Food • Hardware • Machine Learning • Retail • Automation • Manufacturing
Hybrid
Mumbai, Maharashtra, IND
90000 Employees

Mondelēz International Logo Mondelēz International

TA Sourcing Advisor, Frontline Sales

Big Data • Food • Hardware • Machine Learning • Retail • Automation • Manufacturing
Hybrid
Mumbai, Maharashtra, IND
90000 Employees

Morningstar Logo Morningstar

Senior Software Engineer

Artificial Intelligence • Big Data • Enterprise Web • Fintech • Software • Financial Services
Hybrid
Navi Mumbai, Thane, Maharashtra, IND
11500 Employees

ZS Logo ZS

Senior Application Security Analyst (DevSecOps)

Artificial Intelligence • Healthtech • Professional Services • Analytics • Consulting
Hybrid
Pune, Maharashtra, IND
15000 Employees

Similar Companies Hiring

Hanover Park Thumbnail
Artificial Intelligence • Fintech • Software • Financial Services
New York, New York
42 Employees
Kepler  Thumbnail
Fintech • Software
New York, New York
6 Employees
Onshore Thumbnail
Artificial Intelligence • Fintech • Software • Financial Services
New York, New York
60 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account