Job Title: Cyber Security Engineer (Compliance Focus)
Location: Andheri East, Mumbai
Experience: 5+ years
Budget: Up to ₹10 LPA (Negotiable)
Reporting To: IT Department Head
Working Days: Monday to Saturday
Working Hours: 9:30 AM to 6:00 PM
Position Overview
We are looking for a highly skilled Cyber Security Engineer (Compliance Focus) to lead and strengthen our cybersecurity posture with a strong emphasis on compliance, SOC operations, and risk management.
This role requires a balance of hands-on technical expertise, audit readiness, and leadership capabilities to ensure systems are secure, compliant with ISO 27001, and resilient against evolving cyber threats.
Key Responsibilities
Policy & Compliance Management
- Create and maintain cybersecurity policies (Cyber, Firewall, Data Protection, Incident Response, etc.)
- Ensure compliance with regulatory standards and frameworks like ISO 27001
- Attend and support external ISO audits and ensure audit readiness
SOC Operations & Threat Management
- Lead daily SOC operations including incident triage, escalation, and root cause analysis
- Perform threat hunting, threat detection, and proactive monitoring
- Respond to incidents such as malware infections, brute-force attacks, and privilege escalations
SIEM & Security Engineering
- Develop, fine-tune, and optimize SIEM use cases
- Work with tools such as Splunk, Graylog, Wazuh, OSSIM (AlienVault), Darktrace, and Huntress
- Build dashboards and reports for leadership on vulnerabilities and incidents
Vulnerability & Risk Management
- Conduct vulnerability assessments, IT audits, and remediation planning
- Collaborate with IT teams for patch management and system hardening
- Implement risk mitigation strategies across infrastructure
Firewall & Infrastructure Security
- Review and manage firewall configurations and network access controls
- Apply best practices in infrastructure and endpoint security
- Maintain antivirus, EDR, and monitoring tools
Cloud & Endpoint Security
- Manage cloud security across Azure, AWS, and Microsoft 365 Security & Compliance
- Handle endpoint protection and response mechanisms
Training & Stakeholder Management
- Deliver internal cybersecurity awareness training programs
- Work closely with leadership, auditors, and clients
- Provide mentorship and guidance to SOC analysts and interns
Core Competencies
- SOC Leadership & Team Mentorship
- Threat Detection & Threat Hunting
- MITRE ATT&CK Framework
- Incident Response & Digital Forensics
- SIEM Engineering & Use Case Development
- Vulnerability Management & Risk Mitigation
- Cloud Security (Azure, AWS, Microsoft 365)
- Compliance & Frameworks (ISO 27001)
- Stakeholder Engagement & Client Training
Key Skills
- Threat detection, analysis, and response
- Vulnerability assessment and remediation
- Malware analysis and endpoint security
- Firewall and network security management
- Dashboard creation and reporting
- Security awareness training delivery
Certifications (Preferred)
- CEH v13 (Certified Ethical Hacker)
- CASP+ (Security Operations)
- Microsoft Defender XDR
- Fortinet NSE 1 – Network Security Associate
- Acronis Cloud Tech Associate
- Fortinet Information Security Awareness
Key Achievements (Preferred Profile)
- Designed incident tracking and reporting systems
- Built SIEM operational guides and onboarding frameworks
- Conducted SOC/NOC and cybersecurity training programs
- Presented SOC capabilities to clients and stakeholders
- Delivered phishing simulations and awareness initiatives
Why Join This Role
This role offers an opportunity to take ownership of cybersecurity operations, lead SOC initiatives, and play a critical role in ensuring compliance and protecting organizational assets in a dynamic threat landscape.