Cyber Security Engineer

Job Title :- Cyber Security Engineer

Experience: 6 to 9Years

Location: Hyderabad, Chennai

Virtual Drive : 10am to 4pm

Job Description:

Desired Competencies (Technical/Behavioral Competency)

Must-Have**

(Ideally should not be more than 3-5)

Continuously monitor:

• Monitor security alerts and events from various sources, including Microsoft Sentinel, Defender for Endpoint and Defender for Cloud.
• Perform log management: Perform log ingestion, define use cases, and create alerts for critical assets.
• Develop Detection Rules: Create, implement, and fine-tune analytical rules, alerts, and queries in Microsoft Sentinel and Defender to detect security incidents and reduce false positives.
• Behavioral Analytics: Leverage user and entity behavior analytics (UEBA) to identify abnormal activities and enhance detection capabilities.
• Customize Playbooks: Develop and customize automation playbooks in Sentinel and defender to streamline incident response processes and improve efficiency.
• Threat Hunting: Using IOCs and threat intelligence, perform threat hunting across environment.

Incident Response

• Analyze and investigate security incidents to identify potential threats.
• Respond promptly to security incidents, provide initial analysis, conduct business impact assessment, isolate, eradicate and recover from threats.
• Document and report incidents, ensuring accurate and comprehensive records.
• Follow established incident response procedures, playbooks and contribute to their enhancement.

Testing and Validation

• Participate in Blue\Red\Purple team exercises.
• Participate in Cyber crisis simulations.
• Participate in Table-top exercises.

Business Context and Risk Management

• Understand the Business value chain.
• Understand key Business processes.
• Understanding the Business architecture and mapping to crown jewels (critical assets)
• Risk management with the ability to conduct risk assessments when required.

Endpoint Detection and Response (EDR)

• Manage and maintain endpoint security and compliance.
• Perform daily health checks endpoint security and EDR solutions and remediate accordingly.
• Conduct regular scans and assessments to identify and mitigate potential vulnerabilities.
• Collaborate with IT teams to ensure endpoint security configurations align with organizational standards.

Good-to-Have Skills/ Competencies

• Communication: Excellent written and verbal communication skills in English, with the ability to effectively communicate technical information to both technical and non-technical audiences.
• Collaboration: Willing and able to share knowledge and learn from colleagues
• Time Management: Ability to work in independent environments under aggressive timelines and pressure.
• Reporting skills: Outstanding written skills for preparing email feedback and incident reports
• Ability to manage stress and pressure.
• Passion for continuous learning and development
• A “go getter” who is willing to go the extra mile to identify problems and recommend innovative solutions.

SN

Responsibility of / Expectations from the Role

1

Must have 4+ years’ experience in a SOC or Cybersecurity related role.

2

Candidates with the following technology experiences will be preferred: Microsoft Defender XDR, EDR, JAMF, Symantec DCS, DNS, network security, Online Brand Protection platforms, Mimecast, Symantec DLP, Next DLP, FortiAnalyzer, Sophos, CrowdStrike and Azure Sentinel.

3

Experience with common information technologies (Windows, VMware, and Cisco as well as some UNIX, Linux).

4

Experience with security tools (WAF, Proxy, DNS, IDS, firewalls, anti-virus, data loss prevention, Azure Entra ID, IAM, PAM, MFA, NAC, DLP).

5

Knowledge of Cloud Security Operations (SaaS, PaaS, IaaS), Mobile Architecture, Network and Application Security and/or Data Protection.

6

Effective verbal and written communication skill