Soc Engineer

Job Title:
Job Category:
SOC Engineering -
JM
Information
Security
Permanent
Mumbai
Department/Group:
Location:
Education Requirement:
Experience:
Graduate
Position Reports to:
Level/Salary Range:
No of Positions:
HR Contact:
Sushobhita Dhage
Sushobhita.dhage@bseindia.com
Years of Experience:
Company URL:
www.bseindia.com
About BSE Ltd.:
BSE Technologies Pvt. Ltd. (BSE Tech) is a vibrant and agile set up located in Mumbai. BSE Tech is an established player in e-
enabling businesses in the financial services sector. BSE Tech is a leading provider of cutting-edge IT solutions with focus on
Financial Services markets in India.
BSE Tech is founded and managed by a team of professionals, instrumental in setting up and a wholly owned subsidiary of BSE
Limited (formerly known as Bombay Stock Exchange), Asia's first Stock Exchange. BSE Tech team is also considered to be the
pioneer in introducing the exchange traded financial derivatives trading to Indian marketplace.
BSE Tech has a strong team for development and support who are well versed in stock, derivative & commodities market
exchanges.
Software Products include products, solutions and services for the Financial and Capital Markets addressing Stock and
Commodities Exchanges, Intermediary Brokerage Houses, Merchant Banking Operations and Financial Services in India and
Overseas.
BSE Technologies is among the few companies in its space, following stringent quality and information security standards.
Job Description
Role and Responsibilities: (SOC Engineering / IT Security)
â€
â€
â€
Techsnology Compliance: Regular review of Tools and Technology to ensure that Security Compliances and Hardening
with respect to hardware and software are in place and effective.
Policy and Procedure Compliance: Organization’s internal Policy and procedure documents must be reviewed,
updated time to time and shall be published to respective stakeholders and ensure the adherence to the same.
Regulatory Compliances: Reviewing and tracking all the regulatory controls’ compliances across the organization for
effectiveness
â€
•
•
•
Oversee 24/7 SOC operations, ensuring effective governance via reporting and dashboards.
All actionable arising from compliance report must be tracked until closure with respective stakeholders
Creating and maintaining a technology compliance report
Supporting team in evaluating the IT threat landscape, devising cyber security policy and controls to reduce risk,
leading auditing, and compliance initiatives.
•
•
•
•
•
•
Support in developing cyber resiliency so that the organization can rapidly recover from hacking, security incidents,
or infringements.
Understanding of the various Legal and Regulatory Requirement and implementation of these guidelines to ensure
that the organization complies to these guidelines on an ongoing basis.
Periodic review of the information security policies, configuration, documents and keeping them updated and
relevant to the environment
Contributing to a variety of security policy domains associated with compliance, governance, risk management,
incident management and additional domains.
This job role is responsible for overall supporting the activities of Information Security and reporting the risks and
Closure of the audit comments in a timely manner.
This job role requires to provide weekly/monthly reports on the updates/ Closure of the audit Points. Other Related
Projects being undertaken and the overall Progress Dashboards to CISO and Top Mgmt.
BSE - INTERNAL

Security Policy Development: Create, implement, and update security policies, standards, and procedures to ensure
the protection of the organization's information assets.
Risk Assessment and Management: Identify potential security risks, conduct regular risk assessments, and develop
strategies to mitigate these risks.
Incident Response: Develop and implement an incident response plan, and respond quickly to security breaches,
incidents, and threats to minimize impact and recover data.
Security Monitoring: Continuously monitor networks, systems, and applications for suspicious activities or security
breaches using various security tools and technologies.
Access Control: Manage and enforce access control policies to ensure that only authorized users have access to
sensitive information and systems.
: Conduct regular security training sessions for employees to raise awareness about security best practices and
potential threats.
Vulnerability Management: Identify and address vulnerabilities in the organization's systems and applications
through regular security scans, patch management, and updates.
Data Protection: Implement measures to protect sensitive data from unauthorized access, disclosure, alteration, and
destruction. Use encryption, data masking, and secure data storage practices.
Security Architecture and Design: Design and implement secure network architectures, systems, and applications to
protect the organization's information assets.
Reporting: Provide regular reports on security status, incidents, and compliance to senior management and other
stakeholders.
Collaboration and Communication:
o
o
o
Team Collaboration: Working closely with other IT and security teams to ensure a coordinated approach to
cybersecurity.
Reporting: Providing regular reports on security incidents, threats, and overall security posture to
management and other stakeholders.
Ensure that the organization complies with relevant regulatory requirements, industry standards, and
internal policies. Prepare for and assist with security audits.
•
•
Cloud Security:
o
o
Knowledge of securing cloud environments (e.g., AWS, Azure, Google Cloud).
Understanding of cloud security best practices and tools.
Governance, Risk & Compliance:
Understanding of regulatory requirements (SEBI, RBI, CERT-IN, NCIIPC) and industry standards like GDPR,
o
HIPAA, PCI DSS, and ISO 27001.
Preferred Skills:
•
Technical Skills:
o
Hand on experience in Security solutions: End Point Security (PIM, EDR/XDR, FIM, NAC, IRM etc…), Data
Security (DAM, DLP, Data Classification etc…) and Network Security (Secure Web Gateway, WAF, Firewall,
IPS/IDS, LB etc…)
o
o
Network Security: Understanding of firewalls, VPNs, IDS/IPS, and other network security technologies.
System Security: Knowledge of securing operating systems (Windows, Linux, macOS) and ensuring regular
updates and patch management.
o
Application Security: Familiarity with secure coding practices, application vulnerability assessments, and
penetration testing.
o
o
Encryption: Proficiency in encryption methods and tools for data protection.
Security Monitoring: Experience with SIEM (Security Information and Event Management) tools and other
monitoring systems.
•
•
•
Certifications and Education:
o
Education: A bachelor’s degree in computer science, Information Security, Cybersecurity, or a related
field.
o
Certifications like CISSP, CISM, CEH, CompTIA security+, CISA, ISO27001, ISO22301, CISSP would be an
added advantage:
Analytical and Problem-Solving Skills:
o
o
o
Critical Thinking: Ability to assess situations and make informed decisions quickly and efficiently.
Attention to Detail: Meticulous attention to detail in analysing data and identifying anomalies.
Risk Assessment: Understanding of risk assessment methodologies to prioritize and address potential
threats.
Communication Skills:
o
Report Writing: Capability to document incidents, create detailed reports, and communicate findings
clearly.
o
Collaboration: Effective communication and collaboration with team members and other departments.
BSE - INTERNAL

o
Training and Awareness: Ability to conduct training sessions and promote cybersecurity awareness within
the organization.
•
Soft Skills:
o
Adaptability: Ability to adapt to new threats and technologies in the ever-evolving cybersecurity
landscape.
o
o
Stress Management: Maintaining composure and effectiveness under pressure during security incidents.
Continuous Learning: Willingness to stay updated with the latest trends, threats, and best practices in
cybersecurity.
BSE - INTERNAL