Job Title:  Principal Information Security Specialist

Job Code:  10549
Country:  IN
City:  Mumbai
Skill Category:  IT\Technology
Description: 

Nomura Overview:

 

Nomura is a global financial services group with an integrated network spanning approximately 30 countries and regions. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its three business divisions: Wealth Management, Investment Management, and Wholesale (Global Markets and Investment Banking). Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership. For further information about Nomura, visit www.nomura.com.

  

Nomura Services, India supports the group’s global businesses. With world-class capabilities in trading support, research, information technology, financial control, operations, risk management and legal support, the firm plays a key role in facilitating the group’s global operations.

 

At Nomura, creating an inclusive workplace is a priority. Our approach to inclusion encompasses a variety of initiatives, including sensitization campaigns, implementing conducive policies & programs, providing infrastructure support and engaging in community events. Over time, we have made meaningful progress in these areas, and this commitment has been well-recognized across the industry. We are proud recipients of the prestigious Top 10 Employers award by the India Workplace Equality Index (IWEI), IWEI Gold Employer of Choice awards, India CSR Leadership Award 2024 for Holistic Village Development Program and the YUVA Unstoppable Changemaker Awards.

Division Overview:

 

The Global Information Security teams are responsible for the confidentiality, integrity and availability of the firm’s information and assets. They are responsible for maintaining, communicating and raising awareness of the Policy, and they facilitate the effective implementation of, and compliance with, the firm’s policies.

The Global Information Security Team is based in Europe, Asia, India and America.

 

Business Unit Overview:

 

The team’s focus is to serve as the single point of contact for all information security related queries, concerns and technologies. The team provides a high standard of user and business support in a responsive and timely manner across all businesses, and takes responsibility and ownership for maintaining the global strategy and controls for the delivery and operational deployment of global security initiatives in a manner consistent with the common business goals and objectives.

 

Skills & Experience

 

  • Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related fields, with 8-12 years’ experience in Information Security with at least 3-5 years in SOC leadership.
  • Strong knowledge of security technology areas like Security Operations Center, Incident Response, Threat Intelligence, Digital Forensics, Threat Hunting, Malware Analysis etc.
  • Proven experience in handling security events in mission critical environments, hands-on troubleshooting, analysis, and technical expertise to guide team members in resolution of incidents as per agreed SLA.
  • Hands-on experience with MITRE ATT&CK and incident response frameworks such as NIST and SANS.
  • Sound knowledge of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection)
  • Should have sound knowledge of SIEM/EDR/Data Lake/UEBA technologies such as ArcSight, QRadar, Elasticsearch, SOAR etc., and help the team in investigating security issues and/or complex operational issues.
  • Should have experience in the use case management lifecycle and stay updated on new threats to integrate into SOC monitoring.
  • Should have previous experience in solving day-to-day operational processes such as security monitoring, data correlation and security operations; cloud monitoring would be an add-on.
  • Experience in implementing and monitoring Cloud Security controls for AWS and Azure cloud
  • Advanced knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases)

Other Experience

  • Good organization, communication, and coordination skills are essential for this position.
  • This job requires managing projects and delivering services so experience in either project management or ITIL service management is desired. 

 

Preferred

  • Any security certifications, such as GCIH, CISSP, CISM, Security+, CEH, CCSK, or similar industry-recognized certifications.
  • Project management certifications, such as PMP, Prince2, or CSM.
  • Other best-practice IT certifications such as ITIL or COBIT 
  • Knowledge of controls frameworks such as NIST CSF, NIST SP 800-53, ISO 27001/2, CIS, and FISC.
  • Experience working in a global team.

 

Personal Characteristics

  • Strong communication skills, ability to work comfortably with different regions.
  • Good team player, ability to work on a local, regional and global basis and as part of joint cross location teams and cross functional teams.
  • Ability to be pro-active and self-manage tasks through to completion.
  • Able to perform under pressure.

 

Position Specifications:

 

Corporate Title

VP

Functional Title

SOC Manager

Experience

15+ years’ experience in Information Security with at least 5+ years in SOC leadership

Qualification

B.E / B.Tech / MCA / M.Tech

Location

Powai, Mumbai

Requisition No

 

 

 

Role & Responsibilities:

 

We are seeking an experienced and proactive SOC Manager to lead our 24x7 Global SOC team. The ideal candidate will be responsible for managing security analysts, overseeing daily operations, coordinating incident response efforts, and continuously enhancing threat detection, analysis and response capabilities. The SOC Manager will ensure operational excellence, threat coverage, and alignment with enterprise security policies, compliance mandates, and business objectives.  The SOC Manager will be expected to: 

  • Lead and manage a team of SOC analysts across various shifts, ensuring 24x7 operational coverage.
  • Oversee the monitoring, detection, analysis, and response to cyber threats, incidents and vulnerabilities.
  • Establish, document, and refine SOC processes, playbooks, and workflows for consistent and effective response.
  • Manage global and regional stakeholders and business units, SOC services expansion at group level, and compliance with global and regional regulators (DORA, MAS).
  • Coordinate with internal IT, legal, compliance risk, and external stakeholders during security incidents and investigations.
  • Drive use case development, detection tuning, and threat hunting initiatives using SIEM, SOAR, and threat intelligence platforms.
  • Implement SOC control objectives and drive continuous improvement of SOC metrics.
  • Ensure SOC performance through KPIs, SLAs, and continuous service improvement initiatives.
  • Perform regular threat modeling, incident simulations (tabletop exercises), and post-incident reviews.
  • Evaluate and recommend new tools, services, capabilities to improve SOC effectiveness.
  • Ensure compliance with relevant security standards (e.g., ISO 27001, NIST, GDPR, etc.).
  • Mentor and develop SOC team members through coaching, training, and career development plans.
  • Support internal and external audits by providing necessary evidence and documentation.

 

Additional Responsibilities

  • Create, develop, and manage tools and scripts/processes to assist in the monitoring of cyber risk, intelligence sources, and automation of processes.
  • Develop metrics and reporting programs for senior leadership.
  • Project management of Intelligence Lifecycle, including documentation.
  • Occasional off-hours and weekend work required.

All team members will need to perform project management activities (Change the Bank (CTB)), as well as operational activities and support (Run the Bank (RTB)).

 

 

 

Requirement (indicate mandatory and/or preferred):

 

Mandatory

  • Drive SOC Strategy as per the Global Leadership strategy:
  • Strong knowledge of security log data pipeline solutions
  • Understanding of log source onboarding covering the MITRE ATT&CK Framework
  • Ensure parser development for unsupported log sources
  • Security Data Lake implementation
  • Proven experience with UEBA for insider threat detection
  • Use case management for SOC monitoring

 

 

 

Nomura Leadership Behaviours:

 

Exploring Insights & Vision

Description: Comprehensively analyse the nature of the problems we face and set our focus toward the future vision

Elements:

  • Gather Intelligence
  • Create a vision
  • Identify an issue

Making Strategic Decisions

Description: Analyse options and feasibility to resolve issues, in making judgments and recommendations

Elements:

  • Identify countermeasures
  • Assess feasibility
  • Make a judgment

Inspiring Entrepreneurship in People

Description: Promotes the vision and goals to others in such a way that inspires commitment and independent contributions

Elements:

  • Influence
  • Inspire
  • Commit

Elevating Organizational Capacity

Description: Maximize organizational productivity through leadership development and engagement

Elements:

  • Have an ownership in own development
  • Support others’ growth
  • Encourage organizational growth

Inclusion

Description: Respect diverse perspectives and promote psychological safety and the creation of a risk culture

Elements:

  • Foster psychological safety
  • Encourage the active participation of all talent
  • Foster a risk culture

 

 

 

We are committed to providing equal opportunities throughout employment including in the recruitment, training and development of employees. We prohibit discrimination in the workplace whether on grounds of gender, marital or domestic partnership status, pregnancy, carer’s responsibilities, sexual orientation, gender identity, gender expression, race, color, national or ethnic origins, religious belief, disability or age.

 

*Applying for this role does not amount to a job offer or create an obligation on Nomura to provide a job offer. The expression "Nomura" refers to Nomura Services India Private Limited together with its affiliates.