Senior SOC Engineer
Over the last 20 years, Ares’ success has been driven by our people and our culture. Today, our team is guided by our core values – Collaborative, Responsible, Entrepreneurial, Self-Aware, Trustworthy – and our purpose to be a catalyst for shared prosperity and a better future. Through our recruitment, career development and employee-focused programming, we are committed to fostering a welcoming and inclusive work environment where high-performance talent of diverse backgrounds, experiences, and perspectives can build careers within this exciting and growing industry.
Job Description
Summary:
Step into a role where your expertise truly matters. As a Level 3 Incident Response Analyst, you’ll be part of a high-performing global SOC responsible for safeguarding a complex, large-scale financial environment. This is a hands-on, high-impact position for cybersecurity professionals in Mumbai who want to work on sophisticated threats, modern tooling, and global-level operations.
What makes this opportunity stand out:
- Work directly with global teams across Security Operations, Engineering, Architecture, HR, and business leadership
- Lead deep‑dive investigations, advanced threat hunting, and coordinated incident response
- Operate across a modern security stack with strong investment in people, process, and technology
- Exposure to real-world financial‑sector threats and adversarial techniques
- A culture that values continuous learning, curiosity, and technical excellence
Who thrives here:
We’re looking for someone who is genuinely passionate about security operations and incident response, stays sharp on emerging threats, and enjoys solving complex problems in fast-moving environments. If you bring strong SOC/IR experience, a collaborative mindset, and the drive to grow into a global cyber leader, you’ll feel right at home.
Why join us:
This is more than a SOC role: it’s a chance to be part of a dynamic, expanding team that challenges itself, supports each other, and is committed to staying ahead of adversaries. If you want to elevate your career, work with world‑class cyber talent, and make a real impact in the financial sector, this opportunity is built for you.
Primary functions and essential responsibilities
- Detect and respond to cyber events, threats, and vulnerabilities
- Lead IR activities during the shift you are responsible for, ensuring timely and effective response
- Conduct IR exercises and postmortems with measurable outcomes
- Use SOAR to automate repetitive tasks and improve efficiency
- Provide timely updates to stakeholders and leadership
- Identify and document TTPs, IOCs, and artifacts
- Create queries and scripts to support investigations
- Maintain IR and forensic procedures and documentation
- Contribute to the incident response plan and post‑incident reporting
- Maintain and update SOC runbooks and playbooks
- Conduct threat hunting using intelligence and hypotheses
- Partner with engineering teams to optimize SOC operations
- Support continuous security control validation
- Participate in Purple/Blue team activities and campaign analysis
- Mentor junior analysts and support team development
- Deliver projects on time and meet stakeholder expectations
- Assist in developing SOC metrics and scorecards
- Drive adoption of AI-enabled detection and automation
- Apply an attacker mindset to strengthen detection and response
QUALIFICATIONS:
Education:
- Bachelor’s degree in Computer Science, Information Technology, or equivalent work experience
- Certifications such as GSEC, GCIA, CISSP, OSCP are a plus
Skills:
- Excellent communication and influence skills
- Strong understanding of offensive and defensive security
- Ability to improve monitoring and response at scale
- Strong analytical and decision‑making skills
- Calm under pressure and tight deadlines
- Proven mentoring ability
- High integrity and trustworthiness
- Ability to think like an attacker and anticipate adversary behavior
- Comfort working in an environment adopting AI and automation
Experience Required:
- 6+ years in cybersecurity or security operations consulting
- Strong IR and forensic investigation experience
- Scripting experience (PowerShell or Python)
- Experience with SOAR preferred
- Experience with SIEM and EDR platforms
- Experience with cloud environments
- Experience mentoring or leading team members
- Experience with automation or AI‑assisted detection is a plus
General Requirements:
- Willingness to work primarily in SGT (Singapore Business Hours) and occasionally other shifts
- Ability to work onsite at the Ares Mumbai office
- Experience with SIEM, EDR, UEBA, and NBAD
- Understanding of attack methods and SIEM signatures
- Strong event analysis skills
- Knowledge of network protocols and log formats
- Understanding of cloud environments
- Strong analytical and problem-solving skills
- High personal integrity and professionalism
- Ability to work effectively across cultures and levels
- Adaptability to evolving environments
- Passion for cybersecurity and continuous learning
- Knowledge of security frameworks, attack methodologies, and intrusion detection
- Excellent verbal and written English communication skills
- Interest in leveraging AI, automation, and adversary-emulation techniques
Reporting Relationships
Vice President, Cybersecurity
There is no set deadline to apply for this job opportunity. Applications will be accepted on an ongoing basis until the search is no longer active.