Principal Cyber Security Engineer

About Us

HighRadius, a renowned provider of cloud-based Autonomous Software for the Office of the CFO, has transformed critical financial processes for over 800+ leading companies worldwide. Trusted by prestigious organizations like 3M, Unilever, Anheuser-Busch InBev, Sanofi, Kellogg Company, Danone, Hersheys, and many others, HighRadius optimizes order-to-cash, treasury, and record-to-report processes, earning us back-to-back recognition in Gartners Magic Quadrant and a prestigious spot in Forbes Cloud 100 List for three consecutive years.

Job Title: Principal Cybersecurity Engineer

Location:

Team:

Job Summary:

Key Responsibilities & Business Impact

• Lead 24x7 Security Operations:





• Serve as the

  technical lead

  and mentor for a round-the-clock team of L1/L2 SOC/IR analysts, providing guidance, training, and operational oversight.


• Ensure continuous, high-quality security monitoring and rapid threat detection and response to improve MTTD/MTTR factor for all cyber incidents and to reduce the overall security risk for the business.





• Advanced Incident Response (IR):





• Act as the

  Incident Commander

  for high-severity security incidents, leading the technical response from detection and containment through eradication and recovery.


• Develop, maintain, and refine incident response playbooks and procedures to ensure efficient and effective handling of threats.





• Digital Forensics & Threat Hunting:





• Conduct deep-dive

  digital forensic investigations

  on compromised endpoints, servers, and cloud workloads to determine root cause, attack vectors, and data exfiltration.


• Proactively

  hunt for advanced threats

  and Indicators of Compromise (IOCs) across the enterprise using SIEM, EDR, and threat intelligence data.





• Technology & Process Optimization:





• Monitor and optimize the security technology stack, including

  SIEM, SOAR, EDR, WAF, DLP, CASB and Cloud security

  platforms, to improve detection capabilities and analyst efficiency.


• Work closely with the Security Engineering team to reduce false positives/alert fatigue and collaborate with the red team to identify opportunities for new alerting rules/thresholds.





• Stakeholder Communication:





• Translate complex technical findings into clear, concise reports and presentations for technical teams, business leaders, and executive management.


• Serve as the primary technical liaison with legal, HR, and other departments during investigations.


• Manage Shift roster of the team and align resources efficiently during weekends and public holidays.

Required Qualifications

Experience:

6-8+ years of progressive experience in cybersecurity (preferably in SOC) 2+ years of direct, hands-on experience in a senior or lead incident response role. Proven experience leading or mentoring a technical team in a high-pressure environment

Technical Expertise:

• Expert-level proficiency with enterprise SIEM platforms (e.g., Splunk, Microsoft Sentinel, Securonix)


• Deep, hands-on experience with EDR/XDR solutions (e.g., CrowdStrike Falcon, SentinelOne, Microsoft Defender for Endpoint).


• Proficiency with malware sandboxes (e.g. Cuckoo Sandbox, Joe Sandbox, Reversing Labs etc.) and memory analysis techniques


• Strong understanding of network protocols, packet analysis (Wireshark), and network forensics (NDR)


• Demonstrated experience in security monitoring and incident response within cloud environments (AWS, Azure, or GCP).


• Experience working with insider theft or data leakage threats as well as able to respond to phishing/spam incidents

Soft Skills & Education:

• Bachelors degree in Cybersecurity, Computer Science, or a related field


• Ability to remain calm and decisive under pressure during major incidents


• Excellent analytical, problem-solving, and critical-thinking skills


• Superior communication skills, with the ability to articulate complex technical topics to both technical and non-technical audiences

Certifications (Highly Desired):

• One or more of the following certifications are strongly preferred: CISSP, CCSP, OSCP, GCIH, GCFA, Tryhackme or Hackthebox certifications etc.