Start apply with LinkedIn
Date: 5 Dec 2025
Location: Bangalore, KA, IN
Company: Alstom
Req ID:503060
At Alstom, we understand transport networks and what moves people. From high-speed trains, metros, monorails, and trams, to turnkey systems, services, infrastructure, signalling and digital mobility, we offer our diverse customers the broadest portfolio in the industry. Every day, more than 80 000 colleagues lead the way to greener and smarter mobility worldwide, connecting cities as we reduce carbon and replace cars.
| Key Responsbilities: | Security Operations: Work across multiple shifts to ensure 24/7 security monitoring and incident response. Oversee threat detection and response using SIEM, NIDS, and endpoint protection platforms. Administer and maintain Trellix ePO for endpoint security and policy enforcement. Monitor and manage alerts from Network Intrusion Detection Systems (NIDS). Coordinate incident tracking and resolution using ServiceNow. Collaborate with IT and facilities teams via Maximo for infrastructure-related security events. Governance & Compliance: Ensure SOC operations align with internal policies and external regulatory requirements (e.g., ISO 27001, NIST, GDPR). Maintain and update SOC playbooks, SOPs, and escalation matrices. Participate in internal and external audits, ensuring readiness and compliance. Reporting & Metrics: Generate and present regular reports on SOC performance, incident trends, and threat landscape. Track and report KPIs such as MTTR, false positive rates, analyst efficiency, and SLA adherence. Provide executive-level summaries and dashboards for senior leadership and governance forums. Continuous Improvement: Drive automation and optimization of SOC workflows and alert triage. Collaborate with threat intelligence, IR, and vulnerability management teams to enhance detection capabilities. Evaluate and recommend new tools and technologies to improve SOC effectiveness. |
| Required Qualifications: | Bachelor’s or Master’s degree in Cybersecurity, Information Technology, or related field. Minimum 3 years of experience in SOC operations. Strong experience with SIEM platforms, Trellix ePO, NIDS, ServiceNow, and Maximo. Solid understanding of incident response, malware analysis, and threat intelligence. Excellent leadership, communication, and analytical skills. Relevant certifications such as CISSP, CISM, GCIA, GCIH, CEH, or equivalent is preferrable. |
| Preferred Qualifications: | Experience with cloud security monitoring (AWS, Azure, GCP). Familiarity with MITRE ATT&CK framework and threat modeling. Knowledge of scripting and automation (Python, PowerShell). Experience working with SOC operations in a hybrid or global environment. |
You don’t need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, you’ll be proud. If you’re up for the challenge, we’d love to hear from you!
Important to note
As a global business, we’re an equal-opportunity employer that celebrates diversity across the 63 countries we operate in. We’re committed to creating an inclusive workplace for everyone.
Job Type:Experienced
-
Apply Now
-
Please wait...
