• Assist in the delivery of Cybersecurity Operations services and projects. • Investigate security alerts and anomalies identified through Google’s security tools. • Collaborate with cybersecurity teams to support architecture changes and implement new solutions. • Identify and suggest new detection use cases for real-time threat detection. • Contribute to the development and maintenance of automation playbooks. • Support and participate in security risk assessments and audits related to Cloud environment. • Manage vulnerabilities using Googlenative or third-party security tools. • Monitor and act on assigned security operations activities in the SOC.

• Oversee day-to-day security operations • Guide incident response activities • Drive continuous improvements across security posture • Partner closely with IT, Engineering, Compliance, and other teams • Lead and develop the Security Operations Team • Manage 24/7 monitoring of security alerts • Ensure effective usage of SIEM, SOAR, EDR, and threat-intel platforms • Track and evaluate emerging threats, CVEs, and global security trends • Ensure timely mitigation across cloud, endpoints, and applications

• Leading, coaching, and developing the Security Operations Team • Driving overall cyber security operations strategy • Designing and maturing operational processes, playbooks, and response frameworks • Overseeing 24/7 monitoring, triage, and response to security alerts and incidents • Ensuring effective usage and tuning of SIEM, SOAR, EDR, and threat‑intel platforms • Leading major incident investigations and coordinating cross-functional remediation • Managing vulnerability scanning, prioritization, and remediation governance • Tracking and evaluating emerging threats, CVEs, 0‑days, and global security trends • Ensuring timely mitigation across cloud, endpoints, and applications

• Monitor, detect, analyze, and respond to cybersecurity threats across the organization's environment • Oversee detection queue health and ensure consistent SLA adherence • Conduct advanced investigations involving complex, multi-stage attacks across endpoint, identity, network, cloud, and third-party environments • Act as a primary escalation point for major incidents • Drive continuous improvement of detection logic, escalation criteria, and investigative workflows • Support incident response efforts during active security events • Participate in threat hunting missions derived from threat intelligence reporting • Contribute to the development, testing, and refinement of detection rules and correlation logic in the SIEM • Review vulnerability scan results and assist in triaging findings based on severity, exploitability, and asset criticality • Support the review and triage of alerts generated by User and Entity Behavior Analytics (UEBA) platforms