Bangalore, Karnataka, India
A SOC (Security Operations Center) Detection Engineer is a critical member of the cybersecurity team, responsible for designing, implementing, and maintaining systems and methodologies for detecting and responding to cyber threats. This professional plays a central role in identifying vulnerabilities, monitoring network activities, and ensuring the organization's digital assets are safeguarded against malicious actors.
Key Responsibilities
Threat Detection and Analysis
- Develop and maintain log collection, analysis, and monitoring systems to identify suspicious activities.
- Analyze network traffic, endpoint data, and system logs to detect anomalies and indicators of compromise (IoCs).
- Identify emerging threats and vulnerabilities by staying updated with the latest intelligence and threat trends.
Incident Response
- Collaborate with SOC analysts to investigate and respond to security incidents.
- Provide technical expertise in triaging and resolving incidents while minimizing impact on operations.
- Design and document incident response procedures for rapid and effective action.
Automation and Tool Development
- Develop scripts and tools to automate repetitive detection tasks and enhance operational efficiency.
- Integrate detection and monitoring tools seamlessly into the company's IT infrastructure.
- Test and fine-tune monitoring tools to optimize accuracy and performance.
Collaboration and Communication
- Work closely with the IT, network, and development teams to ensure security best practices are implemented.
- Communicate findings and recommendations effectively to stakeholders, including non-technical audiences.
- Contribute to the creation of educational materials and workshops to train staff on cybersecurity awareness.
Required Skills and Qualifications
Technical Expertise
- Proficiency in Microsoft tools and platforms, such as Microsoft Sentinel (formerly Azure Sentinel) for SIEM operations, Defender for Endpoint, and Microsoft Cloud App Security.
- Strong understanding of Microsoft networking protocols, Active Directory, Azure environments, and firewall configurations using Microsoft solutions.
- Experience with scripting in PowerShell for automation, debugging, and enhancing Microsoft tool functionality.
Analytical and Problem-Solving Skills
- Ability to analyze complex datasets from Microsoft tools and extract actionable intelligence.
- Strong troubleshooting skills to identify root causes of potential threats within Microsoft environments.
- Proven ability to think critically under pressure and make sound decisions during incidents.
Educational Background
- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field.
- Relevant certifications such as Microsoft Certified: Security Operations Analyst Associate, CompTIA Security+, CEH (Certified Ethical Hacker), CISSP, or GIAC preferred.
Experience
- Minimum of 2-3 years of experience in cybersecurity, SOC operations, or a similar role, preferably with expertise in Microsoft security tools.
- Hands-on experience with threat intelligence platforms and detection methodologies using Microsoft Azure and Defender products.
- Proven track record of minimizing threats and vulnerabilities in previous positions.
Key Attributes
- Attention to Detail: Ensure accuracy in identifying and documenting threats and incidents.
- Adaptability: Respond effectively to the dynamic and evolving landscape of cybersecurity threats.
- Team Collaboration: Work seamlessly with other cybersecurity professionals and business units.
- Continuous Learning: Eager to stay informed about the latest tools, technologies, and threat intelligence.
Work Location: Mumbai/Bangalore (remote)
Joining time needed: 30 days
Employee Stock Purchase Plan