
Role Overview
We are looking for a hands-on Security Platform Engineer to deploy, manage, and continuously improve the security infrastructure that underpins our MXDR / MSSP operations. The role covers the full stack, from endpoint and network security to SIEM and detection engineering, and is suited for someone who is equally comfortable hardening a Windows or Linux server, tuning firewall rules, and building detection logic in a SIEM.
The ideal candidate will have strong expertise across SIEM platforms, cloud and network security, zero trust architecture, and automation, with the ability to lead engineering initiatives and deliver production-grade security solutions.
Key Responsibilities
–Deploy and administer SIEM platforms, including designing and delivering solutions to customers.
–Own the log onboarding lifecycle – log source integration, parsing, normalization, enrichment, and storage optimization across multi-tenant environments.
–Deliver and manage EDR and XDR platforms, including deployment, policy configuration, agent management, and health monitoring.
–Participate in customer workshops, architecture reviews, and prepare HLD and LLD documents for finalized architecture.
–Support pre-sales teams with solution design, technical discussions, and proposal responses.
–Build and maintain detection content (correlation rules, use cases, and UEBA models) aligned to MITRE ATT&CK.
–Develop and maintain SOAR playbooks for automated alert triage, containment, and response workflows.
–Administer and tune DLP policies; investigate DLP incidents and work with business teams to reduce false positives while protecting sensitive data.
–Deploy, harden, and maintain security controls across Windows and Linux environments, including patch management, OS-level hardening, and access control.
–Deploy, manage and administer firewall platforms (NGFW) - including policy creation, rule review, traffic analysis, and periodic audits.
–Configure and support VPN solutions for secure remote and site-to-site connectivity.
–Extend security controls to cloud environments (AWS, Azure, GCP) including cloud-native security services, IAM governance, and network security groups.
–Deploy and administer IAM / privileged access management solutions to manage privileged accounts and access policies.
–Support Zero Trust and ZTNA implementations for secure application access.
–Monitor platform health, manage SLAs, and drive capacity and cost-efficiency improvements.
–Maintain engineering run books, SOPs, and platform documentation.
–Write and maintain automation scripts (Python, REST APIs) to streamline platform operations, integrations, and reporting.
What We're Looking For:
– Experience working in an MSSP or MXDR operational environment.
– 5+ years of hands-on experience in security infrastructure and platform engineering.
– Proven experience deploying and administering firewall platforms (NGFW) and DLP solutions in enterprise environments.
– Hands-on SIEM Deployment and engineering experience with at least two platforms (Wazuh, Sentinel, Securonix, QRadar, CrowdStrike SIEM, or Chronicle).
– Experience deploying and managing at least one of the following EDR/XDR platforms: SentinelOne, CrowdStrike Falcon, or Microsoft Defender.
– Solid detection engineering skills - writing correlation rules, use cases, and tuning alerts based on MITRE ATT&CK.
– Scripting ability in Python or equivalent for automation and platform integration tasks.
– Familiarity with SOAR platforms and incident response automation.
– Understanding of cloud security fundamentals across AWS, Azure, or GCP.
– Relevant cloud security (Azure, AWS, GCP) and tool-specific certifications are an added advantage.
Key Competencies
- Strong problem-solving and analytical thinking
- Ability to lead engineering initiatives and mentor teams
- Excellent communication and stakeholder management skills
- Passion for automation, innovation, and continuous improvement
Job ID: 147471833
Skills:
Metasploit, Nmap, Iso27001, Burpsuite, Owasp, Log Analysis, AI for Security, OSINT, Security for AI, Vulnerability management tools, SIEM platforms, Threat Protection
Skills:
Network Monitoring, Routing, Dns, Network Architecture, Network Protocols, Network segmentation, Switching, Cloud-based firewall, Hybrid networking, Network security platforms, Gateway management, Threat investigation