Niva Bupa Health Insurance

Endpoint Security Tools (WAF / EDR / SSE Security Specialist)

Noida, Uttar Pradesh, India
26 Jun 2026
P2319F

Job Description

Job Profile

Position:
Location: Noida
Reporting Mgr. Name: Sushil Kumar
Department: IT Operations
Reporting Mgr. Designation: Infrastructure Head
Offered Grade:

Our Purpose
At Niva Bupa, our purpose is “to give every Indian the confidence to access the best healthcare”.

Our Values
Commitment
Innovation
Empathy
Collaboration
Transparency

Proficiency Level (Please Tick)

  • L1: HEAD OF FUNCTION/BUSINESS (Sr. Leadership Team)
  • L2: MANAGER OF MANAGER
  • L3: MANAGER
  • L4: INDIVIDUAL CONTRIBUTOR

About Niva Bupa Health Insurance Company
Niva Bupa Health Insurance Company Limited (formerly known as Max Bupa Health Insurance Company Limited) is a joint venture between Fettle Tone LLP (an affiliate of True North Fund VI LLP), a leading Indian private equity firm, and the Bupa Group, a leading international healthcare company with a legacy of providing specialized healthcare services for over 70 years.

Niva Bupa’s growth story has been phenomenal. We are one of the fastest growing Stand Alone Health Insurers in the country, with a current employee strength of 7000+ and a growth rate of 154% since FY 20, and growing. We are a fully integrated health insurance provider with in-house claims processing, underwriting and servicing. Our goal is to achieve more than 10000 Cr GWP by 2027, and we need goal-oriented individuals to be part of this exciting growth journey.

Niva Bupa is certified Great Place to Work for the 3rd year running and aims to become one of the best workplaces in the BFSI industry.

Niva Bupa is an Equal Opportunity Employer committed to achieving diversity within its workforce, and encourages all qualified applicants to apply, irrespective of gender, age, sexual orientation, disability, culture, religious and ethnic background. At Niva Bupa 12% of our team handling roles are led by women. We welcome specially-abled professionals to join our team.

ESG: Supporting action to protect, restore and regenerate local environments for the benefit of our customers, our people, our communities and wider society.

For more details, visit our website: www.nivabupa.com

Job Summary

We are seeking a highly analytical and technical WAF / EDR / SSE Security Specialist to join our Security Operations team. In this role, you will be the primary line of defense responsible for monitoring, triaging, and investigating security alerts generated across our critical edge, endpoint, and cloud service boundaries.

You will manage the alert lifecycles of three primary pillars: Web Application Firewalls (WAF) for application edge defense, Endpoint Detection & Response (EDR) for host-level security, and Security Service Edge (SSE) for secure cloud/web access (including CASB and ZTNA). The ideal candidate is an alert-triage expert who can rapidly distinguish between complex false positives and malicious behavior, ensuring critical incidents are escalated and mitigated before damage occurs.

Key Roles & Responsibilities

  • Continuous Alert Monitoring & Triage: Monitor high-volume alerts from WAF (application layer attacks), EDR (endpoint/host anomalies), and SSE (data loss, malicious web traffic, unauthorized cloud application usage) via our SIEM/SOAR platform.
  • Deep-Dive Investigation: Analyze security events to determine root cause. Validate if anomalous endpoint behavior, suspicious web requests, or strange cloud data access represents a true positive threat or a benign business action.
  • WAF Tuning & Management: Review WAF blocks and alerts (e.g., SQLi, XSS, automated bot traffic). Coordinate with application teams to tune false positives and optimize WAF rule sets without disrupting legitimate traffic.
  • Endpoint Incident Containment: Leverage EDR tools to isolate compromised endpoints, kill malicious processes, harvest forensic artifacts, and investigate execution chains (e.g., malicious PowerShell, process injection).
  • SSE & Data Security Enforcement: Track anomalies in data movement and web gateways. Identify shadow IT, potential data exfiltration vectors, and violations of our Zero Trust Network Access (ZTNA) policies.
  • Reporting & Documentation: Document comprehensive investigation timelines and findings in our ticketing system. Create weekly/monthly metrics reporting on alert volumes, true vs. false-positive ratios, threat trends, and time-to-remediate.
  • Playbook Optimization: Work closely with senior security engineers to automate repetitive triage tasks by developing and refining SOAR (Security Orchestration, Automation, and Response) playbooks.

Key Requirements – Education & Certificates

Bachelor’s degree – BTech or equivalent

Key Requirements - Experience & Skills

Technical

  • Experience: 2–4+ years of dedicated SOC, MDR, or specialized security monitoring experience focusing on endpoint and web application defenses.
  • EDR Tool Proficiency: Deep, practical experience using major EDR/XDR platforms (e.g., CrowdStrike Falcon, SentinelOne, Microsoft Defender for Endpoint, Carbon Black).
  • WAF Experience: Solid understanding of HTTP/HTTPS protocols, the OWASP Top 10, and experience triaging alerts or adjusting rules in enterprise WAFs (e.g., Cloudflare, Akamai, AWS WAF, Imperva).
  • SSE/SASE Literacy: Familiarity with Security Service Edge architectures, including Secure Web Gateways (SWG), Cloud Access Security Brokers (CASB), and Zero Trust Network Access (ZTNA) solutions (e.g., Zscaler, Netskope, Palo Alto Prisma).
  • Log & Packet Analysis: Strong capability in reading and interpreting security event logs, syslogs, application logs, and analyzing network traffic patterns.
  • Analytical Mindset: Excellent investigative skills with the ability to correlate seemingly unrelated alerts (e.g., a WAF alert followed by a specific EDR process launch) to map out an adversary's footprint.

Nice to have

  • Relevant security certifications such as:
    • Foundational: CompTIA Security+, CySA+, or GIAC Security Essentials (GSEC).
    • Vendor-Specific: CrowdStrike Certified CCFA/CCFR, Cloudflare/Netskope/Zscaler certifications.
  • Experience writing basic queries to hunt for threats (e.g., KQL for Microsoft Defender/Sentinel or SPL for Splunk).
  • Basic scripting skills (Python, Bash, or PowerShell) to aid in alert log parsing.

Behavioral

  • Ownership and Accountability: Takes full responsibility for VAPT triaging.
  • Collaboration and Influence: Works effectively across internal teams and external vendors.
  • Communication: Communicates technical issues clearly to both technical and non-technical audiences.
  • Analytical Thinking: Uses structured thinking and a data-driven approach to solve problems, assess risks and make recommendations.
  • Adaptability: Thrives in a dynamic environment.

Key Functional Competencies

Functional competency | Beginner | Intermediate | Expert

NBHI Core Competencies

Behavioral Competency | Beginner | Intermediate | Expert

Targets/ KRA/ KPI (Tentative Business Nos./ Goals, Measure of Success & Weightages)

Goals | Measures of Success | Weightage
Company MOS | Defined as per Company Policy | Defined as per Company Policy

Functional Hierarchy/ Reporting Matrix

Hiring Manager has to inform the TA Team about the Reporting manager’s grade and the candidate’s grade. (Reporting Manager and Prospective New Hire Grade to be clearly mentioned below)

Company: Niva Bupa Health Insurance
Department: insurance
Posted: 26 Jun 2026