Cyber Security Engineer

Role Overview

Cybersecurity Engineer L2 (SIEM, VA, PT)

continuous visibility into security posture and effective remediation of identified risks

Key Responsibilities

1. SIEM Operations & Security Monitoring

• Support

  SIEM platform operations

  for centralized security monitoring and analytics.
• Investigate and analyze security alerts escalated from Tier-1 teams.
• Correlate logs across endpoints, network, servers, and cloud environments.
• Assist in tuning detection rules to improve signal quality and reduce false positives.
• Support incident investigation by providing log analysis and evidence.

2. Vulnerability Assessment Operations

• Execute and manage

  regular vulnerability scans

  across enterprise assets using industry-recognized platforms.
• Validate scan coverage, schedules, and scan configurations.
• Review vulnerability findings and classify based on severity and potential impact.
• Generate vulnerability reports for IT teams with remediation guidance.
• Track remediation progress and validate closure through re-scans.

3. Penetration Testing Support

• Coordinate and support

  penetration testing activities

  as per defined schedules.
• Support scope definition, asset validation, and test preparation.
• Review penetration testing findings and assist with remediation planning.
• Track remediation actions and validate corrective measures.
• Maintain documentation related to penetration testing outcomes.

4. Security Analytics & Trend Analysis

• Analyze SIEM and vulnerability data to identify recurring risks and trends.
• Support reporting on vulnerability exposure and remediation effectiveness.
• Provide inputs for weekly, monthly, and quarterly security reports.
• Assist in identifying improvement opportunities in detection and remediation processes.

5. Incident, Documentation & Escalation Support

• Support security incident investigations by providing technical analysis and findings.
• Create and update security incidents in ITSM platforms.
• Maintain accurate documentation of investigation steps and outcomes.
• Escalate complex findings to the Cybersecurity Lead with structured analysis.

6. Collaboration Across Teams

• Work closely with:
• Tier-1 SOC / Command Center teams
• Infrastructure, Network, Cloud, and EUC teams
• Cybersecurity Lead (L3)
• Support coordinated remediation and validation activities.
• Contribute to continuous improvement of security operations.

Skills & Experience

Technical Skills (Aligned to Scope)

• Hands-on experience with

  SIEM platforms

  (Cortex XDR exposure is an advantage).
• Strong understanding of security log analysis and correlation.
• Experience executing

  vulnerability scanning and remediation tracking

  .
• Understanding of penetration testing concepts and workflows.
• Familiarity with hybrid (on-prem + Azure) environments.
• Understanding of

  NIST CSF-aligned security operations

  .

Tools & Platforms (Preferred)

• SIEM platforms (Cortex XDR – advantage)
• Vulnerability management platforms
• Penetration testing tools and reporting frameworks
• ITSM platforms for incident and remediation tracking
• Microsoft security tools (exposure is a plus)

Experience

• 4–7 years

  of experience in cybersecurity operations, SOC, or vulnerability management roles.
• Experience working in

  L2 security execution

  environments.
• Exposure to enterprise or managed security services.
• Experience supporting regulated or compliance-driven environments is preferred.

Soft Skills & Behavioral Expectations

• Structured and analytical approach to security investigations.
• Strong documentation and reporting discipline.
• Clear communication of technical findings.
• Ownership of assigned security activities.
• Collaborative working style across security and IT teams.

Working Model

• Offshore delivery from India.
• Shift-based operations aligned to

  24x7 security monitoring

  .
• Close coordination with Tier-1 SOC and Cybersecurity Lead.
• Participation in transition and steady-state operations.