Job
Description
Position: Senior Systems Engineer Experience: 3-5 yrs Category: IT Infrastructure Main location: Bangalore, Hyderabad Primary skill- SIEM tools, Incident response, Network Security. Qualification: Bachelor's degree in Computer Science or related field or higher. Position Description Key Responsibilities: Monitor and analyze security events using SIEM tools (e.g., Splunk, QRadar, Azure Sentinel). Detect, investigate, and respond to real-time security incidents and alerts. Triage incidents based on severity and impact; escalate to L3/IR team as required. Perform root cause analysis and document findings in incident tracking tools. Create and update use cases, detection rules, and dashboards within SIEM. Analyze endpoint, firewall, and proxy logs for malicious activity. Conduct log correlation across multiple data sources to identify patterns and anomalies. Collaborate with threat intelligence and vulnerability management teams. Prepare detailed incident reports and threat intelligence summaries. Assist in playbook development and improve response workflows. Participate in regular threat hunting and tabletop exercises. Ensure security controls and monitoring are in place for cloud environments (AWS/Azure). Support compliance and audit requests with log and incident data. Provide mentorship and guidance to junior SOC analysts. Required Skills & Qualifications: Bachelors degree in Computer Science, Information Security, or related field. 35 years of hands-on experience in a SOC or cybersecurity role. Proficiency in SIEM platforms (e.g., Splunk, QRadar, Sentinel, ArcSight). Strong understanding of TCP/IP, DNS, HTTP, VPN, firewall rules, and IDS/IPS. Experience handling phishing, malware, lateral movement, and brute-force attacks. Familiarity with the MITRE ATT&CK framework and cyber kill chain. Knowledge of endpoint detection tools (e.g., CrowdStrike, Defender ATP). Working experience with ticketing tools like ServiceNow or Jira. Good communication skills and ability to work in a high-pressure environment. Flexible to work in 24/7 rotational shifts, including weekends (if required). Preferred / Good-to-Have: Scripting skills (Python, PowerShell, Bash) for automating SOC tasks. Cloud security experience (AWS, Azure, GCP). Certifications: SC-200, CompTIA CySA+, CEH, GSEC, or equivalent. Exposure to SOAR platforms and automated response tools. Skills: English Security Operations Center Security Architecture Security Assessment Security Monitoring AI
