Associate Cybersecurity Engineer, Managed Security Services

We are searching for a dedicated and proficient Associate Cybersecurity Engineer to join the Critical Start Technologies Private Ltd. team, operating under the Critical Start umbrella, for our India operations. The perfect candidate should have extensive knowledge of Security Information and Event Management (SIEM) tools, including Microsoft Sentinel, Splunk, and Sumo Logic.

They should also be well-versed in Endpoint Detection and Response/Extended Detection and Response (EDR/XDR) integrations like SentinelOne, Defender for Endpoint/Server, CrowdStrike, and Palo Alto Cortex XDR. As an Associate Cybersecurity Engineer, you will have a vital role in providing managed security services to our clients, guaranteeing the smooth operation of their security infrastructure.

• Skills Maintenance:

  Keep your industry knowledge up-to-date by maintaining deep expertise in SIEM tools and EDR/XDR products.

• Client Interaction:

  Deliver our managed services to clients efficiently, working on project-based tasks related to SIEM and EDR/XDR technologies. Collaborate closely with clients to address technical issues, provide value reports, and configure their systems effectively.

• Technical Guidance:

  Offer technical guidance, expertise, and configuration support to clients, helping them maintain strong and efficient SIEM and Endpoint security programs.

• Best Practices:

  Assist clients in implementing best practices for deploying and configuring endpoint agents, endpoint security policies, log forwarders, data sources, content, and alerts.

• Security Enhancement:

  Assist clients in enhancing the security of their SIEM and Endpoint products, ensuring alignment with industry standards and our program offerings.

• Issue Resolution:

  Troubleshoot problems related to data source interactions with SIEM technologies and API connections between supported security integrations and our platform (CORR).

• Automation Opportunities:

  Identify chances to automate parts of SIEM and Endpoint engineering tasks to improve efficiency and accuracy.

• Documentation Management:

  Create and update extensive security documentation, encompassing playbooks, standard operating procedures, and training materials.

• Ongoing Education:

  Keep abreast of the latest security threats and trends, integrating this knowledge into our security solutions. Attain and maintain relevant security certifications.

• Collaborative Teamwork:

  Work closely with fellow cybersecurity engineers, product managers, and architects to devise and implement innovative security solutions that offer the highest level of protection for our clients.

Required Qualifications:

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or an equivalent field, or equivalent experience and industry certifications.
• 2+ years of experience with SIEM tools (Splunk, Microsoft Sentinel, Sumo Logic, or Devo). 
• Familiarity with various security data sources, log formats, and ingestion methods.
• Experience in creating SIEM content, including alerts, reports, and dashboards.
• Excellent communication and customer service skills.
• Ability to establish rapport and trust with customers, even in discussions about complex technical issues.
• Proficient in troubleshooting technical issues related to security products.

Desired Qualifications:

• 1+ years of experience with any EDR/XDR solution.
• 3+ years of experience with Cloud Technologies (Azure, AWS, or GCP). 
• Experience deploying security solutions in an MSSP environment is a plus.
• Experience with DevOps tools is a plus (Terraform, Ansible, Puppet, Salt Stack, etc.).
• Scripting abilities in Bash, PowerShell, Python, or other programming/scripting languages.