Senior Security Engineer - Detection and Response

JOB LOCATION:

• Pune, Maharashtra 

​

MINIMUM QUALIFICATION: 

• 3-4 years of experience

• Bachelor's Degree in Computer Science, Information Technology, Cybersecurity, or a related field.

• Experience in writing code in ONE of the following scripting languages - Python, Go, Powershell.

• Must have prior experience working in Security Operations and hands-on experience in working on SIEM, EDR tools.

• Must have malware reversing skills especially deobfuscating payloads/scripts.

• Must have detailed knowledge of MITRE ATTACK framework, Secure Architecture and Networking.

• Basically, think offensive act defensive

DESIRED QUALIFICATION:

• Master's Degree in Cyber Security/ Computer Science(Passionate about Cybersecurity).
• Relevant certifications such as GSOC, GREM, HTB CDSA 
• Good report writing skills.
• Good to have experience in leading a team of 5-6 and managing client service delivery.
• Should be up to date with latest threat intelligence, APT modus operandi and zero-day vulnerabilities.
• Good to have pentesting skills

​

RESPONSIBILITIES AND JOB DESCRIPTION:

You will be working with the security detection and incident response teams. You will work under the leadership of the CISO of the company. You will be required to do security assessment, analysis, and incident response in a client environment. You will be working onsite at a client location. You will be required to research security issues in the client environment and develop controls and protections to solve those problems. Under this job, you are expected to have strong integrity and ethics. 

KEY RESPONSIBILITIES:

Monitoring and Incident Response:

Monitor security events and alerts generated by a variety of security tools, including intrusion detection systems (IDS), security information and event management (SIEM) systems, O365 applications, and firewalls. Investigate and respond to security incidents, analyze suspicious activities, and take measures to mitigate threats as necessary.

Security Tool Management:

Administer and maintain the SOC's security tools, including SIEM, IDS/IPS, endpoint protection systems, and data loss prevention (DLP) solutions. Configure and optimize these tools to guarantee optimal performance and precise alerting.

Client Service Delivery

Understand client requirements in solving their concerns, come up with good practically implementable  solutions that will help clients in achieving their cybersecurity resilience.

Problem Statement Identification and Tool Development

Should assist the engineering team in identifying problem statements either as per current SOC need or Client expectations and help engineer/develop/design  products in the same.

Cybersecurity Threat Research

Research new threats be it On-Prem or Cloud, reconstruct the PoC in lab environment, observe the findings, reverse engineer new malware, write and publish technical blogs on company websites.

Cybersecurity Compliance

Assist cybersecurity team to achieve compliance for various Cybersecurity certifications like CREST. Create, implement and maintain documentations as required by the governing bodies

Security Awareness and Training:

Assist in developing and delivering security awareness programs to educate employees about security best practices, policies, and procedures. Provide training to other IT staff on security-related topics.

ABOUT PKF ALGOSMIC:

PKF Algosmic works in cybersecurity. We have a combination of products and services. In the security domain we offer various cybersecurity services including but not limited to Security Operations, Cybersecurity infrastructure development, Threat Research, Offensive Security audits, Application Security.