SOC Content Detection Engineer
4 weeks ago
WORK FROM NOIDA OFFICE, PLEASE DON'T APPLY IF YOU ARE LOOKING FOR HYBRID OR WORK FROM HOMEDepartment:Managed Services & Support & Security Operations Center (SOC) Job Type:Full-Time Reports To:SOC Team Lead / Head of Cybersecurity ServicesJob Overview: We are seeking a technically skilled and detail-orientedSOC Content Detection Engineerto lead the development, optimization, and governance of detection content across Microsoft Sentinel and Defender XDR platforms. This role is critical to ensuring high-fidelity alerting, minimizing false positives, and aligning detection logic with threat intelligence and MITRE ATT&CK frameworks. The ideal candidate will have deep experience in KQL, Sigma rule development, and SOC telemetry analysis within MSSP environments.Key Responsibilities:1.Detection Content Development ·Design and implement custom detection rules using KQL ,Sigma , and behavioral analytics. ·Map detection logic toMITRE ATT&CKtechniques and threat actor profiles. ·Develop UEBA baselines and anomaly detection use cases. 2.Alert Tuning & Optimization ·Analyze alert performance and lead biweekly tuning cycles to reduce false positives. ·Collaborate with L2/L3 analysts to refine detection thresholds and suppression logic. ·Maintain a detection content repository with version control and change logs. 3.Telemetry & Visibility Engineering ·Conduct log source visibility reviews and telemetry gap analysis. ·Recommend log onboarding priorities based on threat coverage and customer environments. ·Validate parsing, normalization, and enrichment of ingested data. 4.Threat Intelligence Integration ·Operationalize threat intelligence into detection content and hunt scenarios. ·Integrate IOCs, TTPs, and threat actor indicators into rule logic and enrichment workflows. 5.Governance & Documentation ·Maintain detection playbooks, rule documentation, and tuning reports. ·Ensure detection content aligns with MSSP governance frameworks and audit requirements. ·Support change control processes for rule deployment and rollback. 6.Collaboration & Enablement ·Work closely with SOC analysts, onboarding consultants, and automation engineers. ·Provide training and guidance on detection logic, rule writing, and tuning best practices. ·Participate in incident post-mortems to identify detection gaps and improvement areas. Required Skills & Qualifications:1.Education ·Bachelor’s degree in Cybersecurity, Computer Science, or related field. 2.Certifications ·Required: Microsoft Certified: Security Operations Analyst Associate ·Preferred: MITRE ATT&CK Defender (MAD), GIAC (GCIA, GMON), CompTIA CySA+ 3.Technical Skills ·Expert-level proficiency in KQL, Microsoft Sentinel, and Defender XDR. ·Experience with Sigma rule development, UEBA, and SIEM tuning. ·Strong understanding of log source telemetry, data normalization, and alert lifecycle. ·Familiarity with threat intelligence platforms and MITRE ATT&CK mapping. 4.Soft Skills ·Analytical mindset with strong attention to detail. ·Excellent documentation and presentation skills. ·Ability to collaborate across technical and operational teams. ·Fluent English communication skills (spoken and written). Experience:5+ yearsinSOCorcybersecurity operations , with at least2 yearsindetection engineeringorSIEM content development . Prior experience in MSSP environments or multi-tenant SOC platforms is highly preferred.
-
SOC Engineer
3 days ago
New Delhi, India ITC Infotech Full timeSOC Engineer - L3Location: HyderabadMode: HybridRole Summary- Act as the senior-level analyst responsible for handling complex security incidents and advanced threats. - Lead investigations, triage escalations from L1/L2 analysts, and coordinate response actions. - Serve as the technical expert for SOC operations, threat detection, and remediation. Key...
-
SOC Engineer
1 day ago
New Delhi, India ITC Infotech Full timeSOC Engineer - L3Location: Hyderabad Mode: HybridRole Summary Act as the senior-level analyst responsible for handling complex security incidents and advanced threats. Lead investigations, triage escalations from L1/L2 analysts, and coordinate response actions. Serve as the technical expert for SOC operations, threat detection, and remediation. Key...
-
SOC Operations Specialist
4 weeks ago
New Delhi, India Talentmatics Full timeWe are seeking a SOC Operations Specialist to strengthen our cybersecurity defense and response capabilities. The role involves leading threat detection, investigation, and automation efforts using Microsoft Sentinel and Defender XDR. You’ll be working closely with cross-functional teams to enhance the organization’s overall security posture through...
-
Product Leader
1 day ago
New Delhi, India CareerXperts Consulting Full timeWe’re looking for ahands-on Product Leaderto drive the strategy, design, and scale of ourAI-powered threat investigation and response platform.If you’ve evolved fromdetection engineering or SOC operationsintoproduct leadership, and love building structured, extensible content pipelines for AI-first security, this is for you.What You’ll Do Lead product...
-
Senior Manager – SOC Operations
4 weeks ago
New Delhi, India Mphasis Full timeJob Description: Senior Manager – SOC OperationsRole Overview We are seeking an experienced, hands-on Senior Manager to lead our Security Operations Center (SOC). The ideal candidate will bring deep technical expertise, proven leadership experience, and a track record of building, optimizing, and maturing SOC functions. This individual will play a critical...
-
SOC Lead Engineer
4 weeks ago
New Delhi, India Versa Networks Full timeSOC Lead Engineer Location:Bangalore Experience: 8- 15 YRSJob Summary The SOC Lead Engineer is responsible for overseeing the Security Operations Center team, ensuring 24/7 monitoring, detection, analysis, and response to security threats. This role involves managing incident response processes, optimising security tools, and leading a team of security...
-
SOC Lead Engineer
4 weeks ago
New Delhi, India Versa Networks Full timeSOC Lead EngineerLocation: BangaloreExperience: 8- 15 YRSJob SummaryThe SOC Lead Engineer is responsible for overseeing the Security Operations Center team, ensuring 24/7 monitoring, detection, analysis, and response to security threats.This role involves managing incident response processes, optimising security tools, and leading a team of security analysts...
-
Cyber Security
2 weeks ago
New Delhi, India Sanganan IT Solutions Pvt Ltd. Full timeJob Title:Team Lead - Security Operations Center (SoC)Location: Noida/Singapore OfficeWORK FROM NOIDA OFFICE, PLEASE DON'T APPLY IF YOU ARE LOOKING FOR HYBRID OR WORK FROM HOME Short notice period or immediate joiners are preferred.Job Overview: As the SOC Team Lead, you will oversee the daily operations and strategic direction of a multi-tiered Security...
-
SOC Operations Specialist
2 weeks ago
New Delhi, India Talentmatics Full timeWe are seeking aSOC Operations Specialistto strengthen our cybersecurity defense and response capabilities. The role involves leading threat detection, investigation, and automation efforts usingMicrosoft SentinelandDefender XDR . You’ll be working closely with cross-functional teams to enhance the organization’s overall security posture through advanced...
-
New Delhi, India Triune Infomatics Inc Full timeRole: Senior Cybersecurity SOC Engineer – Threat Hunting & Incident Response Working Hours: Monday to Friday, 9 AM – 5 PM PST (U.S. Business Hours) Reporting To: Security Operations (SecOps) Leader – USAAbout the Role:We are seeking an elite Senior Cybersecurity SOC Engineer—a hands-on security expert with deep technical knowledge and proven...
