Security Engineer

Job Title

Job Summary

The platform engineering Specialist is responsible for technical support and administration work, reviewing Logs and signatures identified in tools, define and configure rules, developing automation scripts, and provide the directions in use cases within the Security Operations Center (SOC). The role focuses on identifying potential security threats and empower use cases to detect and mitigate these threats effectively. The specialist will work closely with the OEM technical support, SOC team, cybersecurity analysts, and other IRM professionals to enhance the organization's security posture.

Key Responsibilities

1. Configure and Analysing security use cases to detect various cyber threats and vulnerabilities.
2. Conduct thorough analysis of emerging threats and attack vectors to develop provide recommendations for use cases.
3. Work with SOC analysts, incident responders, and other stakeholders to understand security requirements and integrate them into Tool.
4. Maintain comprehensive documentation for all use cases, including logic, configuration details, and operational procedures.
5. Continuously refine and optimize rules and controls to improve detection accuracy and reduce false positives.
6. Develop metrics and reports to assess the effectiveness of use cases and recommend improvements.
7. Assist in incident investigations by leveraging developed use cases and providing expertise on threat detection
8. Understand the tool functionalities and options, further incorporate those in process and automation.
9. Enhancements and big-fixes of tool.

Qualifications

Education: Bachelors degree in Computer Science, Information Security, or a related field.

Experience

Minimum of 3 years of experience in cybersecurity, with a focus on threat detection and penetration testing.

Prior experience in Scripting, Red & Blue Teaming is highly desirable.

Certifications: Relevant certifications such as OSCP, CRTP, CRTE, CEH or similar are preferred.

Skills and Competencies

1. Strong understanding of cybersecurity concepts, threat landscape, and attack vectors.
2. Understanding in SIEM (Security Information and Event Management) tools such as Splunk, Tenable AD, bloodhound, Smokescreen etc.
3. Experience with scripting languages (Python, PowerShell) for automation and data analysis.

interested candidate can forward cv to jyoti.patil@valuepointsystems.com