Lead Security Analyst - SOC

Job Title / Role – Lead SOC

About Amagi:

Globally, Amagi works with 800+ content brands, delivering 3800+ channels with deployments in 150+ countries, managing programmatic ad opportunities over 50 billion. Amagi has industry-leading deep technical integration with 150+ Free Ad-supported Streaming TV (FAST) services, making it one the largest tech providers and a first-party ad platform for the FAST industry segment.Amagi has a presence in New York, Los Angeles, London, Paris, Singapore, Seoul and Sydney, with innovation centers in Bangalore, Zagreb, and Lodz, and a global media monitoring center in New Delhi. Amagi is one of the highest valued media-tech companies in the world and its investors include Accel, Norwest Venture Partners, General Atlantic, Premji Invest, Avataar Ventures, and Nadathur Holdings.

Today, Amagi is the fastest-growing media and entertainment technology company on Earth. Founded in 2008, Amagi is a global leader in cloud-based products and solutions for broadcast and connected TV. Our cloud-based platforms support broadcast quality, 24-hour linear channel production, channel distribution to Free Ad-Supported Streaming TV platforms, live orchestration for sports and news, OTT server-side ad insertion, and monetization analytics, as well as cost-effective disaster recovery.

Our identity and mission: Amagi, epitomizing the essence of freedom, embarks on an extraordinary mission to establish the world's foremost media technology business rooted in a foundation of goodness. Our commitment to autonomy is paralleled by our shared connection through a compelling purpose, with the Amagi way serving as our guiding light. In our pursuit, we strive to create a harmonious blend of individual freedom and collective purpose, shaping a unique and transformative journey that sets us apart in the realm of media technology.

For more information, visit www.amagi.com.

Overview

Amagi is seeking a highly skilled Lead Security Analyst - SOC to join our security team in Bangalore. This role focuses on Detection Engineering, SIEM/WAF rule management, Cloud Security, and SOC operations. The ideal candidate will have 5-8 years of experience in security operations, with a strong technical background in AWS/GCP, Kubernetes, and DevOps practices, alongside proficiency in Python for scripting and automation. This is a full-time, in-office position offering a unique opportunity to work on cutting-edge cloud technologies in a dynamic environment.

Key Responsibilities

Detection Engineering & Rule Management

• Design, implement, and maintain robust SIEM detection rules to identify security threats and anomalies.
• Configure and optimize Web Application Firewall (WAF) rules to protect against web-based threats.
• Build and enhance automated detection workflows, integrating with existing security tools to improve threat detection and response efficiency.

Cloud Security and Misconfiguration Management

• Identify and remediate security misconfigurations in AWS, GCP, and Kubernetes environments.
• Partner with DevOps teams to embed security best practices in cloud and CI/CD workflows.
• Implement and monitor security controls to ensure adherence to compliance standards and frameworks.

SOC Processes

• Lead the development and execution of SOC processes, including incident response plans, escalation procedures, and playbooks.
• Manage shift/on-call schedules to ensure 24/7 SOC coverage and efficiency in operations.
• Mentor and upskill junior SOC analysts, fostering a culture of continuous learning and improvement.

Automation and Programming

• Leverage Python to automate security tasks, enhance detection workflows, and reduce operational overhead.
• Create custom scripts and tools to address complex security challenges efficiently.

Threat Intelligence and Reporting

• Incorporate threat intelligence feeds into detection systems to proactively identify emerging threats.
• Generate detailed security metrics, reports, and dashboards for stakeholders to track SOC performance and risks.

Collaboration & Stakeholder Engagement

• Collaborate with engineering, IT, and DevOps teams to align security strategies with business goals.
• Serve as the point of contact for major incidents and ensure timely resolution.

Requirements

Requirements

Experience

7-9 years of experience in SOC operations, with at least 2 years in a lead role.

Technical Expertise

• Proficient in operating SIEM platforms and rule creation.
• Strong experience with WAFs (e.g., AWS WAF, Cloudflare) and related configurations.
• In-depth knowledge of cloud platforms (AWS/GCP) and Kubernetes security.
• Familiarity with DevOps tools like Jenkins, GitHub Actions, and Terraform.
• Familiarity with CSPM and CNAPP tools would be an added advantage.
• Hands-on experience with Python or any general purpose language for automation, scripting, and task optimization.

Soft Skills

• Good leadership, problem-solving, and communication skills.
• Strong analytical abilities and attention to detail.

Job Details

Location

• Bangalore, India

Shift Requirements

• This position may involve on-call work to ensure 24/7 SOC coverage.
• Candidates must be willing to adapt to rotating schedules and provide support during off-hours when required.

Work Type

• Full-Time
• In-Office only