Cyber Security Engineer

Job Title :- Cyber Security Engineer

Experience: 6 to 9Years

Location: Hyderabad, Chennai

Virtual Drive : 10am to 4pm

Job Description:

Desired Competencies (Technical/Behavioral Competency)

Must-Have**

(Ideally should not be more than 3-5)

Continuously monitor:

- Monitor security alerts and events from various sources, including Microsoft Sentinel, Defender for Endpoint and Defender for Cloud.
- Perform log management: Perform log ingestion, define use cases, and create alerts for critical assets.
- Develop Detection Rules: Create, implement, and fine-tune analytical rules, alerts, and queries in Microsoft Sentinel and Defender to detect security incidents and reduce false positives.
- Behavioral Analytics: Leverage user and entity behavior analytics (UEBA) to identify abnormal activities and enhance detection capabilities.
- Customize Playbooks: Develop and customize automation playbooks in Sentinel and defender to streamline incident response processes and improve efficiency.
- Threat Hunting: Using IOCs and threat intelligence, perform threat hunting across environment.

Incident Response

- Analyze and investigate security incidents to identify potential threats.
- Respond promptly to security incidents, provide initial analysis, conduct business impact assessment, isolate, eradicate and recover from threats.
- Document and report incidents, ensuring accurate and comprehensive records.
- Follow established incident response procedures, playbooks and contribute to their enhancement.

Testing and Validation

- Participate in Blue/Red/Purple team exercises.
- Participate in Cyber crisis simulations.
- Participate in Table-top exercises.

Business Context and Risk Management

- Understand the Business value chain.
- Understand key Business processes.
- Understanding the Business architecture and mapping to crown jewels (critical assets)
- Risk management with the ability to conduct risk assessments when required.

-

Endpoint Detection and Response (EDR)

- Manage and maintain endpoint security and compliance.
- Perform daily health checks endpoint security and EDR solutions and remediate accordingly.
- Conduct regular scans and assessments to identify and mitigate potential vulnerabilities.
- Collaborate with IT teams to ensure endpoint security configurations align with organizational standards.

Good-to-Have Skills/ Competencies

- Communication: Excellent written and verbal communication skills in English, with the ability to effectively communicate technical information to both technical and non-technical audiences.
- Collaboration: Willing and able to share knowledge and learn from colleagues
- Time Management: Ability to work in independent environments under aggressive timelines and pressure.
- Reporting skills: Outstanding written skills for preparing email feedback and incident reports
- Ability to manage stress and pressure.
- Passion for continuous learning and development
- A “go getter” who is willing to go the extra mile to identify problems and recommend innovative solutions.

SN

Responsibility of / Expectations from the Role

1

Must have 4+ years’ experience in a SOC or Cybersecurity related role.

2

Candidates with the following technology experiences will be preferred: Microsoft Defender XDR, EDR, JAMF, Symantec DCS, DNS, network security, Online Brand Protection platforms, Mimecast, Symantec DLP, Next DLP, FortiAnalyzer, Sophos, CrowdStrike and Azure Sentinel.

3

Experience with common information technologies (Windows, VMware, and Cisco as well as some UNIX, Linux).

4

Experience with security tools (WAF, Proxy, DNS, IDS, firewalls, anti-virus, data loss prevention, Azure Entra ID, IAM, PAM, MFA, NAC, DLP).

5

Knowledge of Cloud Security Operations (SaaS, PaaS, IaaS), Mobile Architecture, Network and Application Security and/or Data Protection.

6

Effective verbal and written communication skill