Senior Cyber Security Admin- L2

VIRGINIA TRANSFORMER INDIA PVT.

Delhi, Delhi | Full-time | Mid Level | On-site

Job Description

Job Title

Senior Cyber Security Admin- L2


Location

Delhi, Vadodara, Hyderabad


Reporting To

MIS Infrastructure & Operations Manager


Business Context

Transformer manufacturing organization with US production plants and India-based engineering/design operations. The environment includes enterprise IT, cloud platforms (Microsoft 365, Azure, AWS), multiple remote sites, and shopfloor/OT-connected systems under centralized governance.


Role Summary

The Senior Cyber Security Administrator is responsible for the secure, reliable, and compliant operation of on-premises, cloud, endpoint, network, and shopfloor-connected systems. This role owns day-to-day cybersecurity operations, vulnerability management, incident response, patch governance, security awareness, and continuous improvement of the organization’s security posture across IT and OT environments.


Key Responsibilities


A. Security Strategy & Governance

· Define, implement, and enforce cybersecurity policies, standards, SOPs, and access controls aligned with industry best practices and NIST frameworks.

· Drive security architecture improvements, system hardening, segmentation, and control tuning.

· Track emerging threats, advisories, and vulnerabilities; recommend risk-based mitigation strategies.


B. Security Operations (IT & OT)

· Deploy, manage, and maintain security controls including firewalls, IDS/IPS, endpoint AV/EDR, email security, encryption/PKI, logging, and secure baselines.

· Monitor and analyze logs from servers, endpoints, firewalls, and applications; investigate anomalies and lead remediation efforts.

· Manage identity and access controls across AD/Entra ID, privileged access, and periodic access reviews.

· Coordinate network security changes (LAN/WAN, VPN, Wi-Fi, segmentation) with Network and Plant IT teams.

· Provide on-call support for high-priority security incidents impacting production or business operations.


C. Vulnerability Management & Patch Governance

· Plan and execute Vulnerability Assessment and Penetration Testing (VA/PT) across servers, endpoints, networks, web applications, cloud workloads, and applicable shopfloor systems.

· Track findings to closure using risk-based prioritization and validate post-remediation effectiveness.

· Own security patch management for Microsoft and third-party platforms; coordinate maintenance windows to minimize manufacturing impact and track compliance.


D. Incident Response & Recovery

· Lead site-level and enterprise incident response activities including triage, containment, eradication, recovery, and RCA.

· Implement corrective and preventive actions, validate controls, and update runbooks and DR procedures.

· Support and periodically test Disaster Recovery and Business Continuity plans.


E. Cloud & Platform Security

· Secure Microsoft 365 and Azure environments: Conditional Access, Defender suite, Secure Baselines, Intune/MDM, and email protection.

· Manage AWS security controls including IAM, security groups, logging, KMS, and vulnerability workflows.

· Ensure protection of data at rest and in transit across on-prem and cloud environments.


F. Awareness, Audit & Reporting

· Design and deliver cybersecurity awareness programs, including phishing simulations, with measurable outcomes.

· Support internal and external audits; ensure compliance with security and governance requirements.

· Produce periodic cybersecurity reports covering incidents, vulnerabilities, patch status, and risk posture.

· Maintain accurate documentation: runbooks, diagrams, asset inventories, and security baselines.


G. Leadership & Collaboration

· Drive Jira-based security ticket management with clear ownership, SLAs, and escalation paths.

· Mentor junior team members and work closely with Infrastructure, Network, Cloud, and Application teams to embed security into operations and projects.


Tools & Environment (Indicative)


· Email security: Mimecast or equivalent

· Endpoint security: AV / EDR / Device Control

· Microsoft security: Defender suite, Entra ID, Intune, Conditional Access

· Vulnerability management: Tenable / Qualys / Rapid7 (or equivalent)

· SIEM / logging platforms

· Patch management: WSUS, SCCM, Intune, third-party patching

· Ticketing: Jira

· Cloud platforms: Azure/M365 and AWS


Experience

· Minimum 8+ years of experience in cybersecurity operations, governance, vulnerability management, and incident response within enterprise environments.


Education

· Bachelor’s degree in engineering (BE/BTech) or Postgraduate degree in Computer Science, IT, Cybersecurity, or a related field.

· Equivalent professional experience may be considered.


Certifications

· CISA or CISM preferred.

· Strong alignment or practical experience with NIST security frameworks is required.

· CISSP, Security+, CEH, Microsoft or AWS Security certifications are a strong advantage.

Technical & Professional Skills

· Strong hands-on expertise with firewalls, IDS/IPS, AV/EDR, encryption, vulnerability management, and secure configurations.

· Solid understanding of TCP/IP, networking, VPNs, and segmentation.

· Experience with Windows Server, AD/Entra ID, Microsoft 365, Azure, and AWS.

· Exposure to manufacturing or OT security environments is a plus.


Personal Attributes

· Proactive and risk-focused mindset with strong analytical skills.

· Clear communicator with the ability to work across technical and non-technical teams.

· Highly organized, detail-oriented, and capable of owning outcomes under pressure.

Posted 3 weeks ago
