Security Operations Engineer

Security Operations Engineer

Location: Chennai, WFO
Department: Information Security / IT Security
Reports To: Security Operations Manager
Type: Full-time, 24*7 shift

Job Summary:

We are seeking a skilled and proactive Security Operations Engineer to join our cybersecurity team. In this role, you will be responsible for monitoring, detecting, investigating, and responding to security incidents across our infrastructure. You will also play a key part in enhancing our threat detection capabilities, ensuring the security of our systems, data, and network.

Key Responsibilities:

· Responsible for the deployment, configuration, management, and maintenance of cybersecurity tools and platforms used to protect the organization’s digital assets such as SIEM (e.g., Rapid 7, Arctic Wolf), EDR/XDR (e.g., Microsoft defender), Identity & Access Management (e.g., Okta, CyberArk), DLP, IDS/IPS, PAM, etc.

• This role ensures that all security tools function optimally, integrate with other systems, and provide accurate data to support threat detection, prevention, and incident response efforts.
• Monitor security alerts and events from SIEM (Security Information and Event Management) systems and other tools.
• Monitor system health and performance of security tools, ensuring high availability and reliability.
• Investigate and respond to security incidents, conducting root cause analysis and coordinating mitigation efforts.
• Troubleshoot tool-related issues and liaise with vendors for support and updates.
• Manage and fine-tune security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint detection and response (EDR), and antivirus software.
• Manage tool integrations with existing IT infrastructure, including identity providers (e.g., AD, Azure AD), ticketing systems (e.g., Fresh service), and cloud platforms (AWS, Azure).
• Maintain proper documentation for configurations, standard operating procedures (SOPs), and incident response playbooks.
• Ensure compliance with internal security policies, regulatory requirements, and industry standards (e.g., PCI DSS, ISO 27001). Assist in audits, testing, and security assessments as required.
• Scripting skills (e.g., Python, PowerShell, Bash) for automation and integration.
• Develop and maintain playbooks for incident response and threat detection.
• Assist in log management and correlation of security events.
• Participate in threat hunting activities and provide recommendations for improved detection.
• Collaborate with IT, DevOps, and application teams to integrate security best practices into day-to-day operations.
• Stay up to date with the latest security threats, vulnerabilities, and technology trends.

Some tool specific / equivalent skills:

· CyberArk: Manage Privileged Access Management (PAM) policies, onboard privileged accounts, rotate credentials, monitor usage, and maintain vault configurations.

· Proofpoint: Administer email security policies, phishing protection, and DLP rules; respond to alerts and monitor user-reported emails.

· Arctic Wolf: Act as the liaison between internal teams and Arctic Wolf’s Concierge Security Team; manage integration of logs and sensors, and review threat reports.

· Microsoft Defender (for Endpoint/Identity/O365): Configure detection rules, monitor threat activity, and respond to alerts and incidents.

· Microsoft Intune: Manage endpoint protection and mobile device management (MDM); ensure secure configurations for corporate devices.

· Imperva (WAF, DLP, DBF): Monitor and maintain data protection, web application firewall policies, and database activity monitoring tools.

Qualifications:

Required:

• Bachelor’s degree in computer science, Information Security, or a related field, or equivalent work experience.
• 5+ years of experience in a security operations, SOC, or similar cybersecurity role. Overall IT Security experience of 8+ years.
• Familiarity with SIEM platforms (e.g., Splunk, QRadar, LogRhythm, Rapid7, Arctic Wolf).
• Experience with incident response and forensic tools.
• Strong understanding of network protocols, operating systems (Linux and Windows), and cloud security principles (AWS, Azure, or GCP).
• Knowledge of MITRE ATT&CK framework, NIST standards, and security best practices.

Preferred:

• Security certifications such as CEH, CompTIA Security+, GIAC, or CISSP.
• Experience with scripting languages (e.g., Python, PowerShell) for automation.
• Exposure to threat intelligence platforms and feeds.
• Knowledge of compliance frameworks (e.g., ISO 27001, SOC 2, GDPR).

Soft Skills:

• Strong analytical and problem-solving skills.
• Excellent verbal and written communication.
• Ability to work independently and in a collaborative team environment.
• Proactive mindset and eagerness to continuously learn.

Why Join Us?

• Opportunity to work on cutting-edge security technologies.
• Dynamic and inclusive team culture.
• Continuous learning and certification support.
• Competitive compensation and benefits package.

Job Types: Full-time, Permanent

Pay: ₹1,400,000.00 - ₹2,000,000.00 per year

Benefits:

• Health insurance
• Paid time off
• Provident Fund

Application Question(s):

• What is the Official Notice period and How soon you can join us?

Work Location: In person