Cybersecurity Engineer - L2

Job role - Cybersecurity Engineer L2 (EDR, Firewall, IAM)

Experience - 4+

Location - Chennai

Key Responsibilities

1. Security Monitoring & Incident Support

• Support

  24x7 security monitoring

  activities across users, devices, applications, and infrastructure.
• Investigate alerts escalated from Tier-1 teams to confirm security incidents.
• Perform triage, validation, and technical analysis of security events.
• Create, update, and manage security incidents and alerts using

  ITSM tools

  .
• Provide investigation details and evidence to Tier-2 / Tier-3 teams as required.

2. Endpoint Detection & Response (EDR) Operations

• Monitor and respond to endpoint security alerts across workstations and servers.
• Administer and operate

  EDR and antivirus platforms

  , including:
• Policy configuration, tuning, and exception management
• Automated engine and signature updates
• Troubleshooting endpoints not reporting or updating correctly
• Validate endpoint agent deployment, coverage, and compliance.
• Support rollout of endpoint protection in coordination with IT tooling and stakeholders.
• Produce operational inputs for weekly and monthly security reporting.

3. Firewall Operations & Support

• Support day-to-day firewall operations, including:
• Rule creation, modification, and validation
• Policy updates to support infrastructure and device changes
• Assist with firewall patching and updates as per vendor advisories.
• Implement security profiles aligned to server, application, and device functions.
• Support testing, detection, and custom rule implementation activities.
• Ensure firewall changes are documented and aligned to approved processes.

4. Identity & Access Management (IAM) Support

• Support identity and access-related security activities.
• Assist with investigation of authentication, authorization, and access-related incidents.
• Support enforcement of access controls aligned to security policies.
• Work closely with EUC and infrastructure teams on identity-related issues.
• Ensure IAM activities align with governance and compliance requirements.

5. Collaboration & Escalation

• Work closely with:
• Tier-1 SOC / Command Center teams
• Cybersecurity Lead (L3)
• Infrastructure, Network, EUC, and Cloud teams
• Escalate complex or recurring issues with structured analysis and findings.
• Support coordinated incident response and remediation activities.