Cyber security manager

Posted:
2/8/2026, 6:28:49 PM

Location(s):
Bengaluru, Karnataka, India ⋅ Karnataka, India

Experience Level(s):
Senior

Field(s):
IT & Security ⋅ Software Engineering

What success looks like in this role:

  • Lead and manage Security Operations Centre
  • Manage and perform day-to-day security monitoring and incident response activities for 24x7 operations, using a thorough understanding of cybersecurity. Use Google SecOps SIEM skills to enhance workflows, automate processes, and improve efficiency.
  • Response activities may include incident response, incident management, driving remediation or threat mitigation and threat hunting.
  • Ensure compliance with SLAs, process adherence and process improvement to achieve operational objectives.
  • Design and implement secure, scalable Google SecOps architectures for SIEM and SOAR deployments aligned with enterprise security and compliance requirements.
  • Deploy and maintain log ingestion pipelines using data‑fabric and API‑based integrations
  • Develop, prioritize, and tune detection rules in Google SecOps in collaboration with SOC and detection engineering teams.
  • Build SOAR automation playbooks to reduce alert fatigue, streamline triage, and improve response efficiency.
  • Develop and maintain custom integrations between Google SecOps and third‑party tools for automated ingestion, enrichment, and response.
  • Perform threat hunting, threat analysis, and support high‑priority incident investigations.
  • Investigate and mitigate threats such as intrusions, DDoS, malware, and phishing across enterprise environments.
  • Monitor SIEM alerts, ensure SLA‑aligned response, and support L1/L2 teams with complex escalations.
  • Maintain the health of security sensors and SIEM infrastructure, ensuring stability and data quality.
  • Ensure all processes, documentation, playbooks, and SOPs remain accurate and up to date.
  • Stay current on emerging cyber threats, vulnerabilities, and compliance trends to strengthen detection and response capabilities.
  • Lead customer discussions with technical thought leadership, articulate cyber risks in business context, and maintain strong client relationships.
  • Integrate processes and technologies, with the objective of a "single pane of glass" for monitoring and a comprehensive security response process.
  • Participate in security tool evaluations and POCs aligned to technology and detection roadmaps.
  • Collaborate with IR, threat intel and forensics to enhance overall cyber SecOps posture.
  • Ensure documented processes and procedures are relevant and up to date.

Desired Candidate Profile:

  • Hands-on experience with Google Cloud’s SecOps tool stack and architecture (SIEM, SOAR, Threat intelligence).
  • Strong knowledge of security principles and frameworks such as MITRE ATT&CK and the Kill Chain.
  • Proficient scripting skills in Python for automation and integration development.
  • Skills in Unified Data Model for log normalization / parsing.
  • Experience conducting hunts with multiple data sources using common hunt methodologies and tooling.
  • Ability to analyze security logs to identify new threats.
  • Lead projects/initiatives to mature SOC and work with partners across the organization to deliver results.
  • Knowledge of digital forensics.
  • Responsive to challenging tasks
  • Broad understanding of Windows and Linux operating systems, networking protocols and cloud computing.
  • Ability to multitask and prioritize work effectively
  • Highly motivated self-starter
  • Proven verbal and written communication skills, with an ability to clearly explain complex technical challenges
  • Scripting with Python, Perl, Bash and/or PowerShell a plus
  • Certifications such as Google Cloud Professional Architect, Google Cloud Professional Security Engineer, Certified Cloud Security Professional, CEH, CISSP, CISM, CCSK, etc.
  • Familiarity with cloud infrastructure broadly, and exposure to multi-cloud environments (AWS, Azure).

You will be successful in this role if you have:

Qualifications:

  • A Bachelor’s or Master’s degree from a university (preferably in Computer Science, Engineering, or a related discipline), or equivalent security industry work experience.
  • Minimum 7-10 years of experience in Cyber Security Operations and the security domain, with threat detection engineering or enterprise IT security.
  • Hands-on experience with Google Cloud’s SecOps tool stack and architecture (specifically SIEM, SOAR and Google Threat Intelligence).
  • Proficient scripting skills in Python for automation and integration development.
  • Strong proficiency in log normalization and parsing across diverse telemetry sources.
  • Highly energetic and a quick learner.
  • Good communication skills with a positive attitude.
  • Willingness to learn new technology platforms.
  • Must be experienced in the incident response lifecycle and SLAs.

Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.

Local employment practices and rights may vary by jurisdiction and are subject to applicable local laws. This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers.

 

If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at [email protected]. US job seekers can find more information about Unisys’ EEO commitment here.