
Key Responsibilities:
Design, configure, manage, and maintain the organization's XDR, EDR, NDR and SWG to protect against advanced threats.
Contribute to our SOC capabilities by deploying and optimizing security tools and technologies.
Develop and enhance threat hunting playbooks, detection rules, and response procedures.
Conduct proactive threat hunting to detect and analyze potential threats, vulnerabilities, and incidents.
Collaborate with SOC analysts to improve incident response times and process efficiency.
Provide expertise during security incidents and lead technical breach investigations.
Develop and deliver technical training and documentation for SOC personnel.
Stay current with emerging security threats, technologies, and trends.
Support continuous improvement efforts to enhance system security and SOC operations.
Qualifications:
Bachelor's degree in Computer Science, Information Security, or a related field.
Relevant certifications (such as CISSP, SANS, etc.) are a plus.
3-9 years of experience working in a Security Operations Center (SOC) or Security Engineering department.
Proven hands-on experience with EDR, NDR and SWG, e.g. CrowdStrike, SentinelOne, Cortex XDR, Microsoft Defender, Corelight, Suricata IDS, Zeek, Zscaler, Netskope.
Familiarity with BDS or BAS is a significant advantage, e.g. Vectra Networks, Darktrace, ExtraHop.
Strong understanding of cyber security principles, tools, methodologies, and best practices.
Prior experience with SOC solution deployment and configuration.
Experience in developing and fine-tuning detection rules and threat hunting playbooks.
Excellent problem-solving skills and the ability to work under pressure.
Strong communication skills to effectively convey complex security issues to both technical and non-technical audiences.
Willingness to participate in on-call rotations and respond to security incidents after hours, as needed.
Preferred Skills:
Experience with scripting or programming languages (e.g., Python, PowerShell) for automation and integration.
Knowledge of SIEM (Security Information and Event Management) solutions and log analysis.
Understanding of network protocols, encryption, and common attack vectors.
Ability to work collaboratively in a team environment and manage multiple projects.
Passion for learning and a proactive approach to threat identification and mitigation.
Key responsibilities:
Develop and implement automations for detection and response.
Maintain and enhance existing playbooks and integrations.
Enhance response capabilities for the SIEM's incoming correlation searches (alerts).
Skills:
Good knowledge of Linux (especially the RHEL distribution).
Good knowledge of networking principles.
Good knowledge of IaC tools like Terraform, and of CI/CD tools and principles like Git and Jenkins.
Good knowledge of the Microsoft Azure cloud platform.
Experience with scripting languages like Python or Bash.
Experience with SOC / cybersecurity tools is a strong plus.
Must be able to work independently as well as part of a fast-moving team.
Location - Bangalore/Pune
Job ID: 133650287