Job Title:  Senior Support Analyst

Job Code:  3720
Country:  IN
City:  Mumbai
Skill Category:  IT\Technology

Title: GCTI  Automation Engineer


Manager: Trishant Shetty

Division:  Security Operations Center


Department: GTS

Background Information:


The Global Information Security teams are responsible for the confidentiality, integrity and availability of the firm’s information and assets. Responsible for maintaining, communicating and raising awareness of the Policy. Facilitate the effective implementation and compliance of the firms polices.


The Global Information Security Team is based in Europe, Asia, India and America.


Description of IT service:
The candidate will assist in automation of SOC processes and reporting requirement.


Duties & Responsibilities:


Job Overview:

  • Strong scripting skills mandatory in Python.
  • Work with technology SME’s to collect and document uses cases and develop integrations and playbooks
  • Collaborate with other platform owners to ensure integrations working as designed
  • Drive continuous improvement on existing playbooks based on requirements from operations team for changes in threat landscape or security controls
  • Working with the Cyber Threat Response Team and other Command Center teams to develop innovative integrations and playbooksWorking with the Cyber Threat Response Team and other Command Center teams to develop innovative integrations and playbooksWorking with the Cyber Threat Response Team and other Command Center teams to develop innovative integrations and playbooksWorkingWorkWorkUse REST calls to various APIs to enrich and contextualize alarms
  • Write and execute SQL to manipulate data in SQL databases like Postgres
  • Write and execute NoSQL queries in MongoDB / Elastic databases
  • Preferred Working experience on Security Tools - SIEM, End Point Security, Email Security, Web Proxy, Firewall etc.
  • Advanced skills in Excel are necessary and experience in MS Access is desirable.
  • Writing custom reports, SQL Scripts, Advance Searches and queries
  • Troubleshoots data issues, validates result sets, recommends and implements process improvements
  • Ability to effectively translate management requests in to reporting specifications.
  • Possess strong communication and analytical skills to effectively elicit, capture, develop and implement management requirements from reporting perspective.


Role has the scope to expand further based on success and integration of the above core function.


Knowledge, Skill, Experience Required:



  • Strong scripting skills Python/PowerShell Scripting
  • Familiarity with security orchestration and automation tools to build SOAR playbooks, REST API based automation workflow in collaboration with Security Operations, Threat Intelligence, Vulnerability Management teams.
  • Design report options and/or database queries to meet the needs of the organization
  • Security Mindset to research threats and bring implementation idea’s to automate manual task
  • Strong understanding of Regular Expressions.
  • Strong English Language skills
  • Ability to prepare accurate reports for all levels of staff in a language and tone appropriate to the audience.



  • PowerShell, Perl or Shell Scripting
  • Creation of Selenium based scripts in python for automation
  • Knowledge of ServiceNow Development.
  • Knowledge of SQL Server Reporting Services (SSRS) skills for writing reports and creating data extracts from a Database is desirable.
  • Prior experience on Threat Hunting, creating hypothesis and doing data search on Big data lake platform.
  • ASP .NET
  • Python-based web framework – Django/Flask
  • Proficiency in development practices like test automation, CI/CD, source version control, GitHub, etc.
  • Microsoft Technology Associate(MTA):Database Administration Fundamentals
  • Microsoft Certified Solutions Associate (MCSA): SQL Server 2008/2012 certification.
  • MCSE: Business Intelligence certification

Personal Characteristics:

  • Strong communication skills, ability to work comfortably with different regions
  • Actively participate within internal project community  
  • Good team player, ability to work on a local, regional and global basis and as part of joint cross location initiative.
  • Self-motivated, able to work independently and with a team
  • Able to perform under pressure.