Lead Consultant- SOC Automation engineer

Genpact (NYSE: G) is a global professional services and solutions firm delivering outcomes that shape the future. Our 125,000+ people across 30+ countries are driven by our innate curiosity, entrepreneurial agility, and desire to create lasting value for clients. Powered by our purpose - the relentless pursuit of a world that works better for people - we serve and transform leading enterprises, including the Fortune Global 500, with our deep business and industry knowledge, digital operations services, and expertise in data, technology, and AI.
Inviting applications for the role of Lead Consultant- SOC Automation engineer
 
• This role will enhance the client Cyber Security Incident Response Team’s (CSIRT) automation and orchestration capabilities (SOAR). The candidate will be responsible for developing, implementing, and maintaining automation solutions to enhance security monitoring and incident response capabilities.
• The ideal candidate will have experience in IR and a SOC environment and automation and orchestration experience. Moreover, the candidate will be able to apply the experience in incident response to identify and develop automation workflows that will enhance operations. 
 
Responsibilities
• Work closely with CSIRT team people & technology to detect, assess, and communicate cyber threats. 
• Identify IR automation opportunities and areas to reduce waste and collaborate with internal CSIRT members on automation requests. 
• Develop and maintain automated playbooks for incident response, threat detection, and monitoring. 
• Collaborate with SOC analysts to identify repetitive tasks and manual processes suitable for automation. 
• Perform incident response leveraging security tools such as SIEM, EDR solutions, Cloud security solutions, and Threat Intelligence tools. 
• Coordinate with different teams across the business through all phases of incident response. 
• Develop and implement automated workflows to enhance incident response tasks and detection. 
• Knowledge and skills in query languages useful for threat hunting and detection engineering. 
• Knowledge of APIs, RESTful services, and integration techniques for security tools. 

Qualifications we seek in you 
 
Minimum Qualifications / Skills
• Bachelor’s degree (or equivalent) in Computer Science, Cybersecurity, Information Security, or a related field. 
• Experience of information security experience, with a very strong technical background. 
Preferred Qualifications/ Skills
• Demonstrated Incident Response and SOC experience. 
• Basic exposure to threat hunting methods and tools, including SIEM platforms, EDR solutions, network traffic analysis tools, and threat intelligence feeds. 
• Well versed with analysing and interpreting security logs, network traffic, and endpoint data to identify and investigate potential security incidents. 
• Basic exposure to crafting SIEM queries for investigation, threat hunting, and/or detect engineering. 
• Basic exposure to threat intelligence frameworks and methodologies, including STIX/TAXII, MITRE ATT&CK framework, and other relevant standards. 
• Skilled in scripting languages like Python, PowerShell, and Bash, with a deep understanding of automation tools and methodologies. 
• Experience in cyber security incident response and incident management. 
• Keen ability to identify waste and improve processes by leveraging automation in an efficient manner. 
• Ability and experience integrating security tools to perform automation and orchestration. 
• Excellent problem-solving and analytical skills.