Security Engineer - Security Operations Center
Roles and Responsibilities
- Identify/Detect and respond to security incidents/threats per the defined policies & procedures in Security Operations.
- Perform deep forensics and malware analysis during security events or incident investigations.
- Ensure adherence to defined Security Operations SLAs with strong quality in analyzing security events and incident response activities.
- Perform threat hunting, vulnerability assessments, penetration testing, and red team exercises to identify threats across Enterprises, Clouds, Applications, etc.
- Perform regular configuration reviews and health checks of security monitoring systems.
- Work with cross-teams and peers to improve detection coverage, logging capabilities, detection, and response systems.
- Develop and improve operational processes and procedures for event analysis and incident response activities.
- Provide timely feedback to peers and stakeholders on the latest security trends and threat intelligence, and contribute towards improving the organization's security posture.
- Automate repeated analysis and response workflows to improve the quality and efficiency of security operations.
- Participate in purple team & knowledge-building exercises and help constantly improve Security Operations Maturity.
- Mentor team members and constantly seek feedback to improve the overall productivity, effectiveness, and efficiency of Security Operations/VM/Red Team.
Experience & Skills
- 1-7 years of experience working in a Security Operations environment/VM/Red Team.
- Must be willing to work shifts and be available on-call in the 24x7 SOC/VM/Red Team.
- Strong Analytical & Problem-Solving skills and the ability to think outside the box.
- Self-motivated and curious to learn about new systems, technologies, and the latest attacks & detection techniques.
- Strong understanding of networking concepts, operating systems, cloud & web/mobile applications concepts such as Cookies, APIs, Databases, etc.
- Strong understanding of infrastructure components such as Routers, Firewalls, Proxies, VPN, etc.
- Strong understanding of security concepts such as encryption, hashing, authentication, integrity, confidentiality, etc.
- Strong understanding of security tools and processes such as SIEM, IDS, XDR, SOAR, Malware analysis, Atomic Red Teaming, Attack Simulation tools, Vulnerability Scanners, Metasploit, etc.
- Strong understanding of MITRE ATT&CK Framework and standard attack tools, techniques, and procedures.
- Good verbal and written communication skills, with the ability to collaborate effectively with various teams such as Software Engineering, DevOps, IT, Legal, HR, PR, etc.
- Strong hands-on experience with cloud providers and scripting in Python.
- Strong work ethic and commitment to fulfilling assigned tasks and responsibilities.
- Comfortable working in fast-paced environments, rapid changes, and context switching.
- Bachelor's degree in a related field or equivalent demonstrated experience and knowledge.