Sr. Security Engineer

About This Role

Responsibilities

• Lead the end to end SOC alerts workflow
• Operationalize the Regular Incident Response Plan and Major Incident Response Plan across teams
• Own SOC tools and automation (with Google SecOps as the primary SIEM, SOAR, Google Threat Intelligence, Gemini AI integrations and Jira as the authoritative system of record)
• Coordinate with managed SOC provider (Tier 1) to ensure low noise of false positives, high quality triage, implementation of playbooks, clean escalations, and measurable MTTD/MTTR improvements
• Design workflows and playbooks, lead investigations and RCA for high impact incidents, and mentor SOC Engineers and Analysts
• Own the SOC alert lifecycle: Alert Ingestion → Triage → Routing → Investigation → Determination → Reporting
• Act as Major Incident Manager (MIM) for security events meetings
• Ensure strict adherence to Perforce's Incident Response Policies for regular incidents
• Maintain the SOC Charter, operating model, and guardrails as per the Operationalization Plan
• Own the SOC RACI and routing matrix across SOC, CloudOps, IT, Engineering, and the provider
• Lead design, configuration, and continuous tuning of Google SecOps (Chronicle SIEM + SOAR + case management, Google Threat Intelligence and Gemini integrations)
• Design and implement automation to enrich alerts (asset context, user context, historical activity)
• Trigger Jira tickets and playbooks based on Google SecOps cases
• Support SLA monitoring and notifications (MTTR, remediation timeframes)
• Partner with Corporate Security on CI/CD and IaC security automation where incident workflows intersect with pipelines
• Define and own a core set of playbooks aligned to IRP/MIRP
• Oversee False Positives and Exceptions processes
• Own SOC KPIs and operational metrics
• Produce and present the Monthly SOC Summary Report
• Lead RCA and post incident reviews
• Champion a culture of continuous improvement
• Act as day to day lead and senior escalation point for SOC Engineers and Analysts in Pune
• Coach and mentor team members on process adherence and effective alert handling
• Build strong partnerships with vendors, partners and stakeholders

Requirements

• Bachelor's or master's degree in computer science, Information Security, Engineering, or related field
• 8+ years of experience in Security Operations, Incident Response, or SOC roles
• 2+ years in a lead or senior engineer capacity
• Proven experience working with managed SOC providers
• Deep hands on experience with SIEM / security analytics platforms (Google SecOps / Chronicle strongly preferred or equivalent)
• Experience with case and ticket workflows integrated with Jira or other ITSM platforms
• Strong background in incident response aligned with NIST/ISO
• Demonstrable experience running containment, eradication, recovery, and post incident RCA
• Experience coordinating Major Incidents involving multiple teams
• Solid understanding of Cloud platforms Security (AWS, GCP, Azure) and their logging/monitoring stacks
• Endpoint security knowledge (Microsoft Defender or equivalent)
• Knowledge of common attacker TTPs across infrastructure, endpoints, and SaaS
• Hands-on Experience with Security automation (Python/Go/Ruby, SOAR, API based integrations)
• Experience with SIEM and SOAR tools (e.g., Google Sec-Ops, Tenex, Q-radar etc..)
• Ability to interpret and operationalize written processes and RACI models
• Building AI Agentic Workflows and Orchestration (Preferred)
• Generative AI Engineering (Google ecosystem) Techniques like Gemini Powered Investigation, AI Playbooks development, Prompt Engineering for security (Preferred)
• Use AI to correlate signals across the infrastructure (Preferred)
• AI Red Teaming, AI Model Monitoring, Cross functional AI Support (Preferred)
• Certifications such as GCIA, GCED, GCIH, GCDA, GCFA, CISSP, CCSP, or similar (Preferred)
• Experience in a global SaaS or multi product organization (Preferred)
• Prior experience leading or actively participating in SOC2 or ISO 27001 audit evidence collection (Preferred)
• AI fluency appropriate to role and level, including responsible use of AI tools, sound judgment, and adherence to company AI governance and security policy standards

About Perforce Software

Perforce Software, Inc. is an American software company founded in 1995, specializing in developer tools for version control, application lifecycle management (ALM), and DevOps. Headquartered in Minneapolis, Minnesota, Perforce has grown into a comprehensive platform through strategic acquisitions, serving over 15,000 customers globally, including Fortune 10 companies. The company offers a wide range of solutions designed to enhance productivity and collaboration in software development. Key products include Helix Core, a robust version control system; Perforce ALM, an integrated suite for managing requirements and testing; and TeamHub, a Git-based repository management tool. Additional offerings encompass agile planning software, automated testing, and open source support services. Perforce's tools are utilized across various industries, including gaming, media, and semiconductors, enabling teams to manage complex projects and workflows effectively.