Security Engineer

Project Role : Security Engineer
Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats.
Must have skills : Security Information and Event Management (SIEM)
Good to have skills : Computer Security Incident Response
Minimum 5 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary: As a Security Engineer, you will apply your security expertise to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to implement security measures, conducting assessments to identify vulnerabilities, and ensuring that the organization's information and infrastructure are safeguarded against potential cyber threats. You will also engage in proactive monitoring and response to security incidents, contributing to the overall security posture of the organization. Roles & Responsibilities: - Expected to be an SME. - Collaborate and manage the team to perform. - Responsible for team decisions. - Engage with multiple teams and contribute on key decisions. - Provide solutions to problems for their immediate team and across multiple teams. - Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements. - Develop and implement security policies and procedures to ensure compliance with industry standards. - Identify and propose adjustments/improvements on SOC runbooks based for example on false positives, tuning of SIEM use cases and audit findings. - Engagement with internal IT functions might be required to fill the identified gaps (e.g. lack of details in asset inventory) in the alert handling process. - Identify and propose adjustments/improvements on SIEM UCs based for example on false positives reported by SOC and audit findings - Quality check and end-to-end testing of SOC runbooks - Preparation for audits (evidence/requests handling) and attendance - Attendance to regular calls with SOC Service Manager - Participate in Blue/Red teams exercise to test and improve our monitoring and response capabilities - Development of automation of various CERT/SOC processes via SOAR solution - Red Teaming/Purple Teaming exercises - Background in Malware Analysis, Digital Forensics and/or Cyber Threat Intelligence - Experience in Threat Hunting including the ability to leverage intelligence data to proactively identify and iteratively investigates suspicious behavior across networks and systems - Script Development (e.g. Python, Shell scripting) - Cloud Security expertise (primarily GCP and Azure) - Vulnerability Handling / Management - Relevant Industry Certifications such as SANS/GIAC (e.g., GCIA, GCIH, GNFA, GCFA), CompTIA (Security+, Cloud+, PenTest+), OSCP, eLearnSecurity are desirable. Professional & Technical Skills: - Must To Have Skills: Proficiency in Security Information and Event Management (SIEM), CERT or SOC team with SIEM alerts handling, workflow design and runbook preparation. - Good To Have Skills: Experience with Computer Security Incident Response. - Knowledge of cyber threats and vulnerabilities: how to properly identify, triage, and remediate threats based on threat intelligence as well as on analysis of security events, log data and network traffic. - Expert working knowledge of technical and organizational aspects of information security, e.g., through prior defensive or offensive work experience - Solid understanding of cyber threats and MITRE ATT&CK framework - Strong understanding of network security protocols and technologies. - Experience with threat detection and incident response methodologies. - Familiarity with security compliance frameworks such as ISO 27001 or NIST. Additional Information: - The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM). - This position is based at our Hyderabad office. - A 15 years full time education is required.