Cyber security engineer

Job Title :- Cyber Security EngineerExperience: 6 to 9 YearsLocation: Hyderabad, ChennaiVirtual Drive : 10am to 4pmJob Description:Desired Competencies (Technical/Behavioral Competency)Must-Have**(Ideally should not be more than 3-5)Continuously monitor:Monitor security alerts and events from various sources, including Microsoft Sentinel, Defender for Endpoint and Defender for Cloud.Perform log management: Perform log ingestion, define use cases, and create alerts for critical assets.Develop Detection Rules: Create, implement, and fine-tune analytical rules, alerts, and queries in Microsoft Sentinel and Defender to detect security incidents and reduce false positives.Behavioral Analytics: Leverage user and entity behavior analytics (UEBA) to identify abnormal activities and enhance detection capabilities.Customize Playbooks: Develop and customize automation playbooks in Sentinel and defender to streamline incident response processes and improve efficiency.Threat Hunting: Using IOCs and threat intelligence, perform threat hunting across environment.Incident ResponseAnalyze and investigate security incidents to identify potential threats.Respond promptly to security incidents, provide initial analysis, conduct business impact assessment, isolate, eradicate and recover from threats.Document and report incidents, ensuring accurate and comprehensive records.Follow established incident response procedures, playbooks and contribute to their enhancement.Testing and ValidationParticipate in Blue\Red\Purple team exercises.Participate in Cyber crisis simulations.Participate in Table-top exercises.Business Context and Risk ManagementUnderstand the Business value chain.Understand key Business processes.Understanding the Business architecture and mapping to crown jewels (critical assets)Risk management with the ability to conduct risk assessments when required.Endpoint Detection and Response (EDR)Manage and maintain endpoint security and compliance.Perform daily health checks endpoint security and EDR solutions and remediate accordingly.Conduct regular scans and assessments to identify and mitigate potential vulnerabilities.Collaborate with IT teams to ensure endpoint security configurations align with organizational standards.Good-to-Have Skills/ CompetenciesCommunication: Excellent written and verbal communication skills in English, with the ability to effectively communicate technical information to both technical and non-technical audiences.Collaboration: Willing and able to share knowledge and learn from colleaguesTime Management: Ability to work in independent environments under aggressive timelines and pressure.Reporting skills: Outstanding written skills for preparing email feedback and incident reportsAbility to manage stress and pressure.Passion for continuous learning and developmentA “go getter” who is willing to go the extra mile to identify problems and recommend innovative solutions.SNResponsibility of / Expectations from the Role1Must have 4+ years’ experience in a SOC or Cybersecurity related role.2Candidates with the following technology experiences will be preferred: Microsoft Defender XDR, EDR, JAMF, Symantec DCS, DNS, network security, Online Brand Protection platforms, Mimecast, Symantec DLP, Next DLP, Forti Analyzer, Sophos, Crowd Strike and Azure Sentinel.3Experience with common information technologies (Windows, VMware, and Cisco as well as some UNIX, Linux).4Experience with security tools (WAF, Proxy, DNS, IDS, firewalls, anti-virus, data loss prevention, Azure Entra ID, IAM, PAM, MFA, NAC, DLP).5Knowledge of Cloud Security Operations (Saa S, Paa S, Iaa S), Mobile Architecture, Network and Application Security and/or Data Protection.6Effective verbal and written communication skill