This list contains only the countries for which job offers have been published in the selected language (e.g., in the French version, only job offers written in French are displayed, and in the English version, only those in English).
Role Overview L3 Cybersecurity Operations Coordinator acting as a CSIRT/SOC relay between local business teams and global CDOC Ensures rapid incident response, escalation management, and stakeholder coordination Bridges business, functional, and technical cybersecurity operations Key Responsibilities Cybersecurity Operations & Coordination Act as primary cybersecurity contact for local sites Coordinate with global SOC/CDOC teams for operational alignment Ensure proximity-based support for critical assets and business priorities Incident Response & Escalation Management Handle L3 incident escalation and complex case coordination Lead incident triage, mitigation tracking, and remediation follow-up Support end-to-end incident lifecycle (detection → containment → recovery) Advanced Incident Handling (L3 Support) Manage critical and non-standard cybersecurity incidents Lead containment, threat eradication, and system restoration Validate secure remediation and recovery actions Crisis & Major Incident Management Support CSIRT-led crisis management during major cyber incidents Coordinate cross-functional response during high-impact events Stakeholder Management & Communication Act as bridge between technical teams and business stakeholders Ensure bi-directional communication (site ↔ SOC/CDOC) Provide status updates, impact analysis, and action visibility Requirements Translation & Solution Alignment Translate business/security requirements into technical controls Support global cybersecurity solution alignment with local constraints Continuous Improvement & Process Optimization Drive SOC/CDOC process improvements and operational efficiency Promote best practices, knowledge sharing, and service enhancement Key Skills & Competencies SOC / CDOC Operations CSIRT Coordination Incident Response (L3 / Advanced) Cyber Incident Management & Escalation Threat Mitigation & Remediation Crisis Management Stakeholder Management Security Operations (SIEM, Sentinel, Logic Apps) Risk & Impact Alignment Process Improvement & Automation Total Experience Expected: 08-10 years
Job Responsibility
Act as primary cybersecurity contact for local sites
Coordinate with global SOC/CDOC teams for operational alignment
Ensure proximity-based support for critical assets and business priorities
Handle L3 incident escalation and complex case coordination
Lead incident triage, mitigation tracking, and remediation follow-up
Support end-to-end incident lifecycle (detection → containment → recovery)
Manage critical and non-standard cybersecurity incidents
Lead containment, threat eradication, and system restoration
Validate secure remediation and recovery actions
Support CSIRT-led crisis management during major cyber incidents
Coordinate cross-functional response during high-impact events
Act as bridge between technical teams and business stakeholders
Ensure bi-directional communication (site ↔ SOC/CDOC)
Provide status updates, impact analysis, and action visibility
Translate business/security requirements into technical controls
Support global cybersecurity solution alignment with local constraints
Drive SOC/CDOC process improvements and operational efficiency
Promote best practices, knowledge sharing, and service enhancement
Requirements
Engineering graduate - preferably B.E. /B tech in I.T or Computer Engineering
SC-200: Microsoft Security Operations Analyst
BLT1: Blue Team Level 1
GCIH or GCFE/GCFA (or equivalent to IR credential)
Total Experience Expected: 08-10 years
SOC / CDOC Operations
CSIRT Coordination
Incident Response (L3 / Advanced)
Cyber Incident Management & Escalation
Threat Mitigation & Remediation
Crisis Management
Stakeholder Management
Security Operations (SIEM, Sentinel, Logic Apps)
Risk & Impact Alignment
Process Improvement & Automation
SIEM platform: Microsoft Sentinel, QRadar or Splunk/ELK
EDR platform: CrowdStrike and/or Defender
Large enterprise or critical infrastructure with IT/OT boundaries