SecurityHQ Security Engineer L2 - General Duties (Experience 3 - 5 years)Security Monitoring and Incident Response:Review and address incidents flagged by the SOC.Collaborate with the corporate IT team, Firewall management, advisory, and EDR teams to implement appropriate responses and remediation actions.Hands-on experience will be an added advantage with tools such as SIEM platforms, EDR solutions, identity and access management systems, cloud environments, email security gateways, web application firewall (WAF) solutions, network firewalls, Zero Trust Network Access (ZTNA) technologies, and enterprise password management systems.Security Configuration and Threat Hunting:Continuously review and assess security configurations across the infrastructure to identify potential gaps.Conduct threat hunting to uncover potential weaknesses in configurations and ensure gaps are addressed with appropriate countermeasures.Vulnerability Assessment, Penetration Testing, and Patch Management (VAPT, TRI):Oversee and ensure the timely execution of vulnerability assessments and penetration testing (VAPT), Threat and Risk Identification (TRI), and patch management processes.Drive the resolution of identified vulnerabilities and gaps through collaboration and follow-up actions.Security Policy Enforcement:Assist in the creation and enforcement of security policies and procedures in line with recognized standards, including ISO, NIST, Cyber Essentials Pulse, SOC 2 Type 2, and the Essential Eight Maturity Model (AU).Reporting and Documentation:Prepare detailed reports and presentations on security configurations, incident response actions, and change management reviews.Maintain comprehensive documentation to demonstrate how security initiatives align with operation and organizational goals.Training and certification:CEH, ECIH, CCSP, CompTIA Security+ and security audits experience/certifications will be added advantage. This dedicated L2 resource who will help with day-to-day activities and can ensure timely closure of security issues. Also, to document IT security policies and ensure enforcement of it across the organization.

Job DescriptionThis Role will be responsible for managing firewalls and network security devices for multiple clients which involves Plan, prepare and implement firewall, network security devices change and incidents that are requested by clients as per the Change Management framework defined by the company.Troubleshooting and resolving security, service and devices related incidents, and provide RCAs whenever required as per Incident Management framework defined by company.Deploy, and configuration different network solutions as per the client requirements.Mentor, audit and manage Associates and Engineers in the team.Handle internal and client escalations effectively.Perform and present security and posture assessments on client and SHQ network devices as required.Perform peer reviews for all the Associate and Engineer’s work before implementation and conduct post assessments.Maintain and complete assigned tickets related to network issues, ensuring regular ticket updates and client communication as per the defined SLAs.Prepare/Present/Review daily/weekly/monthly reports as per client requirements.Participate in network lifecycle management for upgrades, hardware refreshes and any architectural updates as required.Ability to work in 24x7 environment with given responsibilities.Excellent communication skills are required for daily security operations. ResponsibilitiesAbility to work independently and confidently on single or multiple projects.Will be responsible for the end-to-end delivery.Handling customer escalations, balancing customer expectations, and negotiating successful resolutions.Planning for firewall migration, optimization & new implementation.Prepare security design document – CRD, HLD, LLD, migration & implementation plan.Help OEM to run POC & conduct post POC presentation.Assist and Guide Junior team members such as L0/L1 in day-to-day tasks.Escalating the issues in the timely manner to senior level or coordinating with TAC support to resolve the issues pro-actively.Plan and implement the changes as per the ITIL procedures.Perform Quarterly/Half-Yearly configuration Audit of Customer Firewalls.Prepare Weekly/Monthly Reports Essential SkillsGood understanding of Routing Protocols (Static Routes / RIP / OSPF / BGP)Good understanding of Switching concepts (STP / VTP / L2 Loops / VLANs/ EtherChannel)Hands on experience on firewall like Cisco ASA, Palo Alto, FortiGate, Checkpoint, SonicWallKnowledge on Advanced Cybersecurity Solutions (CASB, DLP, WAF, Web Proxy)Good Understanding of Zero Trust or SASE solutions.Technically good in IPSEC tunnel creation and troubleshooting.Knowledge of any Remote access VPN, Clientless VPNGood Understanding of Packet flow for leading vendor firewallsGood understanding of Networking concepts such as NAT, ACL, VIP, QoS, Stateful Inspection etc.Existing knowledge of, and experience with public cloud platform (laaS/PaaS) features, capabilities, and best use for (Azure/AWS/GCP) Additional Desired SkillsStrong interpersonal and presentation skillsAbility to work with minimal levels of supervision or oversightAdherence to security policiesWillingness to provide availability and support by understanding the criticality and responsibility of the business needs.Good knowledge of Windows/Linux OS and networking environments will be add-on. Education Requirements & ExperienceExperience - 3 to 6 YearsEducation: BE-Computer Science/IT OR MCA OR University degree equivalent Certification – CheckPoint/Palo Alto/Cisco (ASA, RnS, Security)/ Fortinet/ Juniper Certified. (Any one or more is preferred.)

Job DescriptionWe are seeking a highly motivated and analytical individual to join our global Cyber Threat Intelligence team as a Cyber Threat Intelligence Analyst. As a part of our Advisory & Assessment team, you will contribute to the identification and mitigation of emerging threats, enabling our clients to proactively defend against cyberattacks. ResponsibilitiesResearch and Analysis: Conduct in-depth research and analysis of emerging cyber threats, including the evolving threat landscape, industry-specific risks, and geographical threats, to identify potential risks and vulnerabilities.Threat Reporting: Create intelligence products including comprehensive reports for our customers, providing insights on the current threat landscape, outlining their attack surface, and highlighting open risks that need immediate attention.Threat Advisories: Develop and deliver concise and actionable threat advisories for our customers, offering recommendations and strategies to mitigate potential cyber threats and vulnerabilities.Customer Engagement: Engage with customers on weekly calls, presenting threat intelligence findings, discussing attack surfaces, and addressing any inquiries or concerns they may have.Ad hoc Intelligence Requests: Assist customers by fulfilling their ad hoc intelligence requests, which may include conducting deep-dive investigations, providing analysis on specific threats, or offering insights into industry-specific risks.Incident Qualification: Proactive monitoring of TRI tools and response to any identified incidents. You will be responsible for qualifying incidents to assess their fidelity. RequirementsKnowledge and Interest: Passion for cybersecurity and a good understanding of the threat landscape, emerging trends, threat actors, and attack vectors. Awareness of different industry and regional threats is advantageousAnalytical Skills: Excellent analytical and critical thinking abilities to interpret complex data, identify patterns, and extract meaningful insights.Communication Skills: Effective written and verbal communication skills to present technical information clearly and concisely, both internally and externally.Detail-oriented: Strong attention to detail, ensuring accuracy and precision in research, analysis, and reporting.Collaboration: Ability to work effectively in a team environment, collaborating with colleagues and customers to achieve common objectives.Continuous Learning: Eagerness to stay updated on the latest cybersecurity trends, threat intelligence methodologies, and tools. Education Requirements & ExperienceBachelors in computer science/IT/Electronics Engineering, M.C.A. or equivalent University degree.1 or 2 year experience in SOC or vulnerability assessmentCertifications: Certified Ethical Hacker (CEH) CTIA, CPTIA.

Job DescriptionWe are looking for an experienced security professional for our 24x7 managed security operations center to work as a Cyber Security Manager delivering excellent service with technical expertise and relationship management skills. ResponsibilitiesExcellent Customer Communication.Attend and support the weekly meetings with the client. Follow up actions on weekly calls.Asset review with Integration and Service Incidents.Create service requests for onboarding and coordinate with admin teams, Integration teams and track Integration Service Requests.Check and follow up with all Tickets Review.Check and support closure of old incidents providing an extended support to the clientWork to prioritize security initiatives and spending considering needs in the light of evolving cyber threatsIdentify appropriate goals, objectives, and metrics consistent with corporate strategic plan. Manage the development and implementation of global security policy, standards, procedures, and work instructions to ensure ongoing maintenance of securityEnsure that all reporting of deliverables are issued on time. Check security controls in place and any gaps in controls. Check use cases are in place for all security controls in customer environments. Ensure that the network architecture is in place and defined to the greatest possible accuracy. Clear understanding of the SOW and the deliverables. Check weekly:SLA compliance Offenses that have been closed as False Positive and why.Onboarding OLA complianceReview Customer use cases, help developing custom use cases with collaboration with L3 and content team.Management of enterprise size customer accounts.Presentation to customer C Level / Board on security matters.Take leadership responsibility in Major & Critical Incident Handling, in coordination with the L3 Incident RespondersTake leadership in Service Incident Crisis management.Take responsibility for auditing the configurations and deliverables of the non MDR services.Advise customer on Security Controls Gaps, Use Case Gaps (E.g., via any internal external pen test and provide recommendations).Mentor Graduate and more junior Cyber Security Managers. Essential Skills Network +KnowledgeSecurity + KnowledgeSecurity Controls in depth knowledge on all technical controls and common vendors. Additional Desired SkillsProvide overall Information Security related subject matter expertiseDemonstrated ability to work independently and within a teamDemonstrated mastery of key Information Security technical disciplines and tools, with a preference for expertise in secure application design or incident management and forensicsWork directly with Information Security Group enterpriseGCIH/ECIH or similar incident responseOSCP or similar advance pen testTechnical writing: Blogs/whitepapersPublic Speaking: Presentations/SeminarsCrisis Management Education Requirements & ExperienceEducation: MS or Bachelor's degree in engineering, computer science, or a related field Candidates should have at least 3 years of experience working as Security Analyst or similar roles.Prior information security and risk management experience, preferably with experience in secure applications development or incident response and forensicsProject Management experienceExperience in a combination of business analysis, systems, business continuity planning and financial servicesBroad IT knowledge specifically in areas of information security, risk management and IT auditStrong communication and negotiation skillsStrong analytical and problem-solving skillsAbility to work with all levels within the organization

Responsibilities • Provide second-level technical support for complex cloud service incidents, problems, and requests. Resolve escalated issues that require in-depth analysis and troubleshooting. • Diagnose and resolve intricate issues related to cloud infrastructure, services, and applications, ensuring minimal disruption to business operations. • Manage and optimize cloud resources, including virtual machines, storage, databases, and networking services. Implement best practices for performance and costefficiency. • Oversee the deployment and configuration of cloud services and solutions, including advanced features and integrations. • Work closely with Level 1 support engineers, guiding and mentoring them on complex issues. Collaborate with other technical teams, including development and operations, to ensure seamless service delivery. • Maintain detailed records of incidents, resolutions, and system configurations. Contribute to the knowledge base by creating and updating technical documentation and troubleshooting guides. • Identify recurring issues and work on permanent fixes or improvements. Participate in root cause analysis and provide recommendations to prevent future incidents. • Stay current with emerging cloud technologies and industry trends. Recommend and implement enhancements to improve support processes and service quality Essential Skills • In-depth knowledge of cloud computing platforms (e.g., AWS, Azure, Google Cloud) and services. • Advanced understanding of operating systems (e.g., Windows, Linux), networking, and cloud security practices. • Experience with cloud automation tools and scripting languages (e.g., Python, PowerShell) is a plus. • Familiarity with monitoring and management tools (e.g., CloudWatch, Azure Monitor) and ticketing systems • Relevant cloud certifications (e.g., AWS Certified Solutions Architect, Microsoft Certified: Azure Administrator Associate) are highly desirable. 3 CONFIDENTIAL | 202 SecurityHQ JD- : Analyst Contact Us hr-india@securityhq.com For more details visit www.securityhq.com Additional Desired Skills • Strong verbal and written English communication • Strong interpersonal and presentation skills • Ability to work with minimal levels of supervision • Willingness to work in a job that involves 24/7 operations Education Requirements & Experience • Bachelors in Computer Science/IT/Electronics Engineering, M.C.A. or equivalent University degree • Minimum of 3-6 years of experience in the IT security industry, preferably working in a SOC environment • Certifications: GCIH, CCNA, CCSP, CEH