Senior Security Engineer

Job Summary

We are seeking a Senior Security Engineer who is passionate about building and maintaining a world-class security program in a dynamic, global environment. You will serve as the technical anchor for our team, driving our "Cyber Operations & Threat Management" capabilities. This role acts as the primary bridge between our US-based engineering team and our India-based operations. 

This is a high-impact role for a "builder" and a technical leader. You will not only execute advanced security tasks but also serve as a force multiplier by using automation to reduce operational toil and foster efficiency. You will lead a team of analysts through technical mentorship, collaborating with cross-functional teams to protect our infrastructure. While this is a senior individual contributor role, it offers the opportunity to grow into a management position based on demonstrated leadership qualities. 

What You’ll Do

Key Responsibilities

• SOC Leadership: Oversee day-to-day SOC activities - monitoring alerts, triaging incidents, and coordinating escalations while acting as the primary point of contact during EST business hours.. 
• Automation & Efficiency: Identify repetitive operational tasks and architect automated solutions using Python, Bash, or PowerShell. Build custom integrations between security tools to ensure seamless data flow that supports 24/7 global operations.. 
• Incident Response: Own the incident response lifecycle: detection, containment, investigation, remediation, and lessons learned, managing independent execution during US hours and coordinating handovers. 
• Mentorship: Provide mentorship and career development opportunities to junior staff, utilizing a mix of synchronous sessions during overlap windows and asynchronous methods like video walkthroughs and ticket reviews ensuring expertise in areas like cloud security and incident response. 
• Cloud Security & DevOps: Work closely with infrastructure and DevOps teams to secure cloud deployments (e.g., containers, CI/CD pipelines). Advocate for secure coding practices and automated security testing. 
• Vulnerability Management: Oversee vulnerability management programs - from scanning and assessment through remediation tracking and reporting. 
• Continuous Improvement: Drive continuous improvements in processes and procedures, including the standardization of global handoff protocols and operational runbooks for remote and hybrid teams. 

Core Capability Areas 

• Security Engineering & Automation: Systematically reducing manual "toil" by scripting workflows, integrating APIs, and deploying orchestration to accelerate detection and response across the global security stack. 
• SOC Operations: Providing 24/7 vigilance through continuous monitoring, alert triage, and systematic tuning of the security stack to eliminate blind spots to ensure seamless coverage. 
• Vulnerability Management: Reducing the attack surface through continuous asset discovery, risk-based scanning, and coordinated remediation of security flaws. 
• Incident Response: Minimizing business impact by maintaining rapid forensic investigation, containment, and recovery capabilities. 
• Offensive Security: Validating defense effectiveness by simulating real-world attacks through rigorous penetration testing and red-teaming exercises. 
• Threat Intelligence: Driving proactive defense by analyzing global threat trends and OSINT to anticipate and neutralize targeted attack campaigns. 
• Insider Threat Management: Detecting and preventing internal risks through behavioral analytics and strategic data loss prevention protocols. 

About You 

• Experience: 5–7+ years of combined IT and security experience in Security Operations in a lead capacity. 
• Technical Expertise: 
• Deep understanding of threat detection, vulnerability management, incident response, and enterprise security controls. 
• Automation: Proven ability to write scripts (Python, PowerShell, Bash) and automate security workflows to improve efficiency. 
• Security Stack: Familiarity with SIEM, EDR, NDR, WAF, and DLP technologies. 
• Infrastructure: Familiarity with modern infrastructure (cloud platforms, containerization, CI/CD pipelines). 
• Soft Skills: Excellent communication skills - able to manage and mentor team members across varying shifts and convey complex concepts to both technical and non-technical stakeholders. 
• Education: Bachelor's degree in Computer Science, Information Systems, or related field preferred (or equivalent experience). 
• Certifications: Relevant security certifications (e.g., CISSP, GIAC, CISM, OSCP) are highly desirable. 

Working Conditions 

• On-Site: This position is based on-site in India. 
• Time Zone: Candidates must be willing to coordinate across multiple time zones and strictly align working hours to the US East Coast (EST) businesss hours. 
• On-Call: Participation in on-call rotations for high-severity incidents is required. 

 

About GLG / Gerson Lehrman Group

GLG is the world’s insight network. Our clients rely on GLG’s global team to connect with powerful insight across fields from our network of approximately 1 million experts (and the hundreds of new experts we recruit every day).

We serve thousands of the world’s best businesses, from Fortune 500 corporations to leading technology companies to professional services firms and financial institutions. We connect our clients to the world’s largest and most varied source of first-hand expertise, including executives, scientists, academics, former public-sector leaders, and the foremost subject matter specialists.

GLG’s industry-leading compliance framework allows clients to learn in a structured, auditable, and transparent way, consistent with their own internal compliance obligations and the highest professional ethical standards. Our compliance standards are a major competitive differentiator and key component of the company’s culture.

To learn more, visit www.GLGinsights.com.

Gerson Lehrman Group, Inc. (“GLG”) is an equal opportunity employer and will not discriminate against any employee or applicant on the basis of age, race, religion, color, marital status, disability, gender, national origin, sexual orientation, veteran status, or any classification protected by federal, state, or local law.