SOC Content Detection Engineer

3 days ago


New Delhi, India Sanganan IT Solutions Pvt Ltd. Full time

WORK FROM NOIDA OFFICE, PLEASE DON'T APPLY IF YOU ARE LOOKING FOR HYBRID OR WORK FROM HOME

Department: Managed Services & Support & Security Operations Center (SOC)
Job Type: Full-Time
Reports To: SOC Team Lead / Head of Cybersecurity Services

Job Overview: We are seeking a technically skilled and detail-oriented SOC Content Detection Engineer to lead the development, optimization, and governance of detection content across Microsoft Sentinel and Defender XDR platforms. This role is critical to ensuring high-fidelity alerting, minimizing false positives, and aligning detection logic with threat intelligence and MITRE ATT&CK frameworks. The ideal candidate will have deep experience in KQL, Sigma rule development, and SOC telemetry analysis within MSSP environments.

Key Responsibilities:

1. Detection Content Development
   · Design and implement custom detection rules using KQL, Sigma, and behavioral analytics.
   · Map detection logic to MITRE ATT&CK techniques and threat actor profiles.
   · Develop UEBA baselines and anomaly detection use cases.

2. Alert Tuning & Optimization
   · Analyze alert performance and lead biweekly tuning cycles to reduce false positives.
   · Collaborate with L2/L3 analysts to refine detection thresholds and suppression logic.
   · Maintain a detection content repository with version control and change logs.

3. Telemetry & Visibility Engineering
   · Conduct log source visibility reviews and telemetry gap analysis.
   · Recommend log onboarding priorities based on threat coverage and customer environments.
   · Validate parsing, normalization, and enrichment of ingested data.

4. Threat Intelligence Integration
   · Operationalize threat intelligence into detection content and hunt scenarios.
   · Integrate IOCs, TTPs, and threat actor indicators into rule logic and enrichment workflows.

5. Governance & Documentation
   · Maintain detection playbooks, rule documentation, and tuning reports.
   · Ensure detection content aligns with MSSP governance frameworks and audit requirements.
   · Support change control processes for rule deployment and rollback.

6. Collaboration & Enablement
   · Work closely with SOC analysts, onboarding consultants, and automation engineers.
   · Provide training and guidance on detection logic, rule writing, and tuning best practices.
   · Participate in incident post-mortems to identify detection gaps and improvement areas.

Required Skills & Qualifications:

1. Education
   · Bachelor’s degree in Cybersecurity, Computer Science, or related field.

2. Certifications
   · Required: Microsoft Certified: Security Operations Analyst Associate
   · Preferred: MITRE ATT&CK Defender (MAD), GIAC (GCIA, GMON), CompTIA CySA+

3. Technical Skills
   · Expert-level proficiency in KQL, Microsoft Sentinel, and Defender XDR.
   · Experience with Sigma rule development, UEBA, and SIEM tuning.
   · Strong understanding of log source telemetry, data normalization, and alert lifecycle.
   · Familiarity with threat intelligence platforms and MITRE ATT&CK mapping.

4. Soft Skills
   · Analytical mindset with strong attention to detail.
   · Excellent documentation and presentation skills.
   · Ability to collaborate across technical and operational teams.
   · Fluent English communication skills (spoken and written).

Experience: 5+ years in SOC or cybersecurity operations, with at least 2 years in detection engineering or SIEM content development. Prior experience in MSSP environments or multi-tenant SOC platforms is highly preferred.



  • New Delhi, India Talentmatics Full time

    We are seeking a SOC Operations Specialist to strengthen our cybersecurity defense and response capabilities. The role involves leading threat detection, investigation, and automation efforts using Microsoft Sentinel and Defender XDR. You’ll be working closely with cross-functional teams to enhance the organization’s overall security posture through...


  • New Delhi, India Mphasis Full time

    Job Description: Senior Manager – SOC Operations. Role Overview: We are seeking an experienced, hands-on Senior Manager to lead our Security Operations Center (SOC). The ideal candidate will bring deep technical expertise, proven leadership experience, and a track record of building, optimizing, and maturing SOC functions. This individual will play a critical...

  • SOC Lead Engineer

    5 days ago


    New Delhi, India Versa Networks Full time

    SOC Lead Engineer. Location: Bangalore. Experience: 8-15 YRS. Job Summary: The SOC Lead Engineer is responsible for overseeing the Security Operations Center team, ensuring 24/7 monitoring, detection, analysis, and response to security threats. This role involves managing incident response processes, optimising security tools, and leading a team of security...


  • New Delhi, India CareerXperts Consulting Full time

    We’re seeking a Senior Detection Engineer to lead the next evolution of AI-augmented threat detection. This role goes beyond traditional detection engineering: you’ll help improve and build our Detection Engineering Agent, responsible for continuously grading and improving detection coverage based on a customer’s available telemetry, configuration, and...


  • New Delhi, India Triune Infomatics Inc Full time

    Role: Senior Cybersecurity SOC Engineer – Threat Hunting & Incident Response. Working Hours: Monday to Friday, 9 AM – 5 PM PST (U.S. Business Hours). Reporting To: Security Operations (SecOps) Leader – USA. About the Role: We are seeking an elite Senior Cybersecurity SOC Engineer, a hands-on security expert with deep technical knowledge and proven...



  • New Delhi, India ColorTokens Inc. Full time

    About ColorTokens: At ColorTokens, we empower businesses to stay operational and resilient in an increasingly complex cybersecurity landscape. Breaches happen, but with our cutting-edge ColorTokens Xshield™ platform, companies can minimize the impact of breaches by preventing the lateral spread of ransomware and advanced malware. We enable organizations to...


  • New Delhi, India Rapid7 Full time

    Detection and Response Analyst - Rapid7 MDR (SOC 24 x 7). Rapid7 is seeking passionate Detection and Response Analysts to join our Managed Detection and Response (MDR) team. In this role, you'll utilize Rapid7's advanced tools and threat intelligence to investigate and triage high-priority security events across diverse customer environments. About the Role: As a...

  • OT SOC Analyst

    5 days ago


    New Delhi, India L&T Technology Services Full time

    Role Summary: As an L2 OT SOC Analyst, you will be responsible for advanced threat detection, incident response, and forensic analysis within Operational Technology (OT) environments using Claroty XDOME. You will handle escalated alerts from L1 analysts, perform deep-dive investigations, and contribute to the continuous improvement of OT cybersecurity...