SOC Engineer

SOC Engineer

Location: PAN India Genpact Location

Experience: 3-8 years

Only immediate Joiners.

Kindly do apply here or share resume to nsenthil.kumar@genpact.com with Sub of "SOC" along with Notice period.

This role will enhance the Client Cyber Security Incident Response Team’s (CSIRT) automation and orchestration capabilities (SOAR). The candidate will be responsible for developing, implementing, and maintaining automation solutions to enhance security monitoring and incident response capabilities. The ideal candidate will have experience in IR and a SOC environment and automation and orchestration experience. Moreover, the candidate will be able to apply the experience in incident response to identify and develop automation workflows that will enhance operations.

MANDATORY SKILLS:

• Skilled in scripting languages like Python, PowerShell, and Bash, with a deep understanding of automation tools and methodologies.
• Experience in cyber security incident response and incident management.
• Keen ability to identify waste and improve processes by leveraging automation in an efficient manner.
• Ability and experience integrating security tools to perform automation and orchestration.
• Excellent problem-solving and analytical skills.

JOB RESPONSIBILITIES:

• Work closely with CSIRT team people & technology to detect, assess, and communicate cyber threats.
• Identify IR automation opportunities and areas to reduce waste and collaborate with internal CSIRT members on automation requests.
• Develop and maintain automated playbooks for incident response, threat detection, and monitoring.
• Collaborate with SOC analysts to identify repetitive tasks and manual processes suitable for automation.
• Perform incident response leveraging security tools such as SIEM, EDR solutions, Cloud security solutions, and Threat Intelligence tools.
• Coordinate with different teams across the business through all phases of incident response.
• Develop and implement automated workflows to enhance incident response tasks and detection.

BONUS POINTS

• Knowledge and skills in query languages useful for threat hunting and detection engineering.
• Knowledge of APIs, RESTful services, and integration techniques for security tools.

JOB REQUIREMENTS:

• Bachelor’s degree (or equivalent) in Computer Science, Cybersecurity, Information Security, or a related field.
• Minimum 3 years of information security experience, with a very strong technical background.
• Demonstrated Incident Response and SOC experience.
• Basic exposure to threat hunting methods and tools, including SIEM platforms, EDR solutions, network traffic analysis tools, and threat intelligence feeds.
• Well versed with analysing and interpreting security logs, network traffic, and endpoint data to identify and investigate potential security incidents.
• Basic exposure to crafting SIEM queries for investigation, threat hunting, and/or detect engineering.
• Basic exposure to threat intelligence frameworks and methodologies, including STIX/TAXII, MITRE ATT&CK framework, and other relevant standards.