Security Engineer

Job Description

Job description: The primary responsibility is to work on the existing or new Incidents, Service requests and Tasks Escalation point for L1 and triage the unresolved incidents or requests. Role & responsibilities : Analyze & Investigate cyber threats on a real-time/day-to-day basis, involving alerts review, log analysis, and event/incident correlations Evaluate the current Security Infrastructure for best practices, and recommend changes to enhance security ad reduce risks Develops security strategy plan and roadmaps based on the recommended practices Meeting clients to discuss security strategies, provide information, and explain the design system Run risks assessments and tests; prepare a plan to mitigate the potential risks Frequent interaction with customers for risks mitigation, corrective action, and Root Cause Analysis Escalate to L3 for any operations issues and security incidents that cannot be resolved at his level Perform preliminary security breaches investigation, perform forensic analysis and prevent them in the future Prepare Documents and Maintain Procedures, Response Plan, Runbooks, and associated processes for continuous improvement Review/Configure preventive rules on EDR, Spam filters, and other security tools Continuous Vulnerability Management & Policy Management with SIEM and Vulnerability Assessment tools Perform Validation of the exclusions from remediation of vulnerabilities based on the customer requirements Create Vulnerability Management dashboards and prepare trending reports Configure threat intelligence data feeds to provide identification of additional phishing/malware instances Regularly review and recommend changes to policies or controls as needed to enhance security Train and mentor the peers and juniors in the team. Preferred candidate profile Performing incident handling, evidence acquisition, digital forensics, endpoint and Network,and Cyber security incident management Experience with investigating technologies such as log analysis, Malware analysis, Network, and Host forensics, Endpoint detection and response, SIEM, etc. Good to have skills: Prior working experience Experience on other vulnerability Management tools such as Qualys, Rapid7 & tenable is desirable Candidate working with Managed Services/IT Services company is preferred, and a background in dealing with global teams and remote teams will be a strong plus Any one of the Certifications: Comptia Security+