Security Operations Engineer

Security Operations Engineer

Roles and Responsibilities

• Identify/Detect and respond to security incidents/threats per the defined policies & procedures in Security Operations
• Perform deep forensics and malware analysis during security events or incident investigations
• Ensure adherence to defined Security Operations SLAs with strong quality in analyzing security events and incident response activities
• Perform threat hunting to identify threats across Enterprises, Clouds, Applications, etc
• Perform regular configuration reviews and health checks of security monitoring systems
• Work with cross-teams and peers to improve detection coverage, logging capabilities, detection, and response systems
• Develop and improve operational processes and procedures for event analysis and incident response activities
• Provide timely feedback to peers and stakeholders on the latest security trends and threat intelligence and contribute towards improving the organization's security posture
• Automate repeated analysis and response workflows to improve the quality and efficiency of security operations
• Participate in purple team & knowledge-building exercises and help constantly improve Security Operations Maturity
• Mentor team members and constantly seek feedback to improve overall productivity, effectiveness, and efficiency of Security operations to detect & respond to security threats/incidents.

Experience & Skills

• 1-7 years of experience working in a Security Operations Center environment
• Must be willing to work on shifts and on-call availability in the 24*7 SOC
• Strong Analytical & Problem-Solving skills and the ability to think outside the box
• Self-motivated and curious to learn about new systems, technologies, and the latest attacks & detection techniques.
• Strong understanding of networking concepts, operating systems, cloud, and web/mobile application concepts such as Cookies, APIs, Databases, etc.
• Strong understanding of infrastructure components such as Routers, Firewalls, Proxies, VPN,etc
• Strong understanding of security concepts such as encryption, hashing, authentication, integrity, confidentiality, etc.
• Strong understanding of security tools and processes such as SIEM, IDS, XDR, SOAR, Malware analysis, Atomic Red Teaming, Attack Simulation tools, Vulnerability Scanners, Metasploit, etc
• Strong understanding of MITRE ATT&CK Framework and common attack tools, techniques, and procedures.
• Good verbal & written communication skills and can effectively collaborate with various teams such as Software Engineering, DevOps, IT, Legal, HR, PR, etc.
• Strong hands-on experience with cloud providers (AWS, GCP) and scripting in Python.
• Strong work ethic and commitment to fulfilling assigned tasks and responsibilities.
• Comfortable working in fast-paced environments, rapid changes, and context switching.
• Bachelor's degree in a related field or equivalent demonstrated experience and knowledge.