Cyber Defense Engineering Lead

Job Description

Security Engineering & Cyber Defense Operations Architect, implement, and optimize SIEM, SOAR, XDR, and EDR solutions for effective threat detection and response. Develop and maintain security controls, logging, and monitoring strategies to ensure comprehensive threat visibility. Evaluate and integrate AI and Machine Learning-based cybersecurity tools for enhanced detection and automated response. Implement MITRE ATT&CK Framework to improve detection logic and adversary tactics coverage. Automation & AI-Driven Security Design and implement SOAR (Security Orchestration, Automation, and Response) workflows to automate threat response. Develop and fine-tune AI/ML models to enhance anomaly detection, alert correlation, and predictive threat analysis. Automate threat hunting processes using AI-based behavior analytics and security automation tools. Threat Hunting & Threat Intelligence Lead proactive threat-hunting activities using MITRE ATT&CK, TTP-based detection, and hypothesis-driven approaches. Utilize threat intelligence platforms (TIPs) to enrich SOC alerts, correlate IoCs, and enhance incident response. Establish hunting methodologies using behavioral analytics, network telemetry, and endpoint forensics. Collaborate with intelligence-sharing platforms and industry peers to stay updated on emerging threats. Use Case Development & Optimization Design and maintain SIEM use cases based on threat modeling, attack surface analysis, and business risk. Continuously refine detection logic, correlation rules, and alerting thresholds to reduce false positives. Leverage MITRE D3FEND and MITRE ATT&CK to develop advanced attack detection strategies. Incident Response & Forensic Analysis Provide engineering support for incident response teams, helping with log analysis, forensics, and root cause analysis. Develop custom threat detection scripts and automation workflows to accelerate IR capabilities. Assist in post-incident investigations by collecting and analyzing digital evidence. Security Architecture & Compliance Work closely with security architects to integrate cyber defense controls into enterprise security architecture. Ensure adherence to NIST, ISO 27001, and regulatory frameworks in cyber defense implementations. Conduct security tool assessments and evaluate new cybersecurity technologies for continuous improvement. Leadership & Stakeholder Collaboration Lead a team of security engineers and analysts, mentoring them in advanced detection and response techniques. Collaborate with IT, DevOps, and business units to align security engineering with enterprise objectives. Conduct cybersecurity awareness programs for cross-functional teams to strengthen cyber resilience. Candidates preferred from Mumbai location ONLY.