SOC Content Detection EngineerSanganan IT Solutions Pvt Ltd. • Noida, Uttar Pradesh, India
SOC Content Detection Engineer
Sanganan IT Solutions Pvt Ltd. • Noida, Uttar Pradesh, India
30+ days ago
Job descriptionDesign and implement custom detection rules using KQL , Sigma , and behavioral analytics. Map detection logic to MITRE ATT&CK techniques and threat actor profiles. Develop UEBA baselines and anomaly detection use cases. Analyze alert performance and lead biweekly tuning cycles to reduce false positives. Collaborate with L2 / L3 analysts to refine detection thresholds and suppression logic. Maintain a detection content repository with version control and change logs. Conduct log source visibility reviews and telemetry gap analysis. Recommend log onboarding priorities based on threat coverage and customer environments. Validate parsing, normalization, and enrichment of ingested data. Operationalize threat intelligence into detection content and hunt scenarios. Integrate IOCs, TTPs, and threat actor indicators into rule logic and enrichment workflows. Maintain detection playbooks, rule documentation, and tuning reports. Ensure detection content aligns with MSSP governance frameworks and audit requirements. Support change control processes for rule deployment and rollback. Work closely with SOC analysts, onboarding consultants, and automation engineers. Provide training and guidance on detection logic, rule writing, and tuning best practices. Participate in incident post-mortems to identify detection gaps and improvement areas. Bachelor’s degree in Cybersecurity, Computer Science, or related field. Required : Microsoft Certified : Security Operations Analyst Associate Preferred : MITRE ATT&CK Defender (MAD), GIAC (GCIA, GMON), CompTIA CySA+ Expert-level proficiency in KQL, Microsoft Sentinel, and Defender XDR. Experience with Sigma rule development, UEBA, and SIEM tuning. Strong understanding of log source telemetry, data normalization, and alert lifecycle. Familiarity with threat intelligence platforms and MITRE ATT&CK mapping. Analytical mindset with strong attention to detail. Excellent documentation and presentation skills. Ability to collaborate across technical and operational teams. Fluent English communication skills (spoken and written). 5+ years in SOC or cybersecurity operations , with at least 2 years in detection engineering or SIEM content development . Prior experience in MSSP environments or multi-tenant SOC platforms is highly preferred.
Department : Managed Services & Support & Security Operations Center (SOC)
Job Type : Full-Time
Reports To : SOC Team Lead / Head of Cybersecurity Services
Full-time
- WORK FROM NOIDA OFFICE, PLEASE DON'T APPLY IF YOU ARE LOOKING FOR HYBRID OR WORK FROM HOME
- Short notice period or immediate joiners are preferred.
Job Overview :
We are seeking a technically skilled and detail-oriented SOC Content Detection Engineer to lead the development, optimization, and governance of detection content across Microsoft Sentinel and Defender XDR platforms. This role is critical to ensuring high-fidelity alerting, minimizing false positives, and aligning detection logic with threat intelligence and MITRE ATT&CK frameworks. The ideal candidate will have deep experience in KQL, Sigma rule development, and SOC telemetry analysis within MSSP environments.
Key Responsibilities :
1. Detection Content Development
2. Alert Tuning & Optimization
3. Telemetry & Visibility Engineering
4. Threat Intelligence Integration
5. Governance & Documentation
6. Collaboration & Enablement
Required Skills & Qualifications :
1. Education
2. Certifications
3. Technical Skills
4. Soft Skills
Experience :
Create a job alert for this search
Soc Engineer • Noida, Uttar Pradesh, India
Related jobs
Cyber Threat Researcher
3Columns • New Delhi, Delhi, India
Columns is a specialist cybersecurity firm that delivers a wide range of services, including security assurance, security governance, professional services, and managed services.Solutions include m...Show more
Last updated: 15 days ago • Promoted
Soc Content Detection Engineer
Sanganan IT Solutions Pvt Ltd. • Noida, Republic Of India, IN
Managed Services & Support & Security Operations Center (SOC).SOC Team Lead / Head of Cybersecurity Services.WORK FROM NOIDA OFFICE, PLEASE DON'T APPLY IF YOU ARE LOOKING FOR HYBRID OR WORK FROM HO...Show more
Last updated: 30+ days ago • Promoted
Principal Technical Engineer - Pharmacovigilance Signal Detection Solutions
Qinecsa Solutions • Ghaziabad, IN
Principal Technical Engineer - Pharmacovigilance Signal Detection Solutions.We are seeking a Principal Technical Engineer to design and develop pharmacovigilance signal detection solutions based on...Show more
Last updated: 5 days ago • Promoted
Cyber Security Engineer
CareerUS Solutions • Ghaziabad, IN
Cyber Security Engineer – Job Description.The Cyber Security Engineer is responsible for designing, implementing, and maintaining security systems to protect the organization’s computer networks, a...Show more
Last updated: 18 days ago • Promoted
Security Operations Center Analyst
airtel • Delhi, India, India
Seeking a skilled and motivated L1 / L2 Analyst – Dark Web Monitoring & Threat Intelligence to join our Security Operations Center (SOC) team.
In this role, the analyst will focus on dark web intellig...Show more
Last updated: 28 days ago • Promoted
Cloud Security and DevOps Engineer
Recfront • Ghaziabad, IN
Cloud Security and DevOps Engineer (GCP + AI-Driven) .Our client is redefining hormone health by blending clinical expertise, data-driven innovation, and a fully integrated digital platform.They em...Show more
Last updated: 2 days ago • Promoted
Security Operations Engineer
ITPeopleNetwork • Ghaziabad, IN
We are looking for a junior to mid-level.Saviynt Identity Access Management (IAM / IGA).CyberArk Endpoint Privilege Manager (EPM).
The ideal candidate will assist in user access governance, email thre...Show more
Last updated: 11 days ago • Promoted
Cloud Security Researcher
SecLogic.ai • Noida, Uttar Pradesh, India
Powered Cloud Application Detection & Response (CADR) platform covering reactive & proactive security for the Code-to-Cloud & Kubernetes environments.
The platform analyze & respond to threats & att...Show more
Last updated: 25 days ago • Promoted
Cyber Security Engineer
HCLTech • Noida, Uttar Pradesh, India
The candidate ensures that the risk to the organization’s information posed by a variety of cyber threats is minimized.Candidate in this role will function as subject matter expertise within the di...Show more
Last updated: 8 days ago • Promoted
AI Security Engineer
Tumeryk • Greater Delhi Area, India
Tumeryk is a security and governance platform tailored for Agentic AI infrastructure.We assist enterprises in discovering, securing, and governing AI agentic applications, chatbots, and large langu...Show more
Last updated: 30+ days ago • Promoted
Lead Security Engineer
Arcana • Ghaziabad, IN
As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between.
You'll design and enforce policies, automate controls, and harden...Show more
Last updated: 30+ days ago • Promoted
Senior Application Security Engineer
Sphera • Ghaziabad, IN
Sphera is a leading global provider of enterprise software and services that enables companies to manage and optimize their environmental, health, safety and sustainability.Our mission is to create...Show more
Last updated: 18 days ago • Promoted
AI Security Lead
Delphi Consulting Middle East • Ghaziabad, IN
Join Delphi - Where Innovation meets transformation.At Delphi, we believe in creating an environment where our people thrive.
We are committed to supporting your personal goals, family, and overall ...Show more
Last updated: 12 days ago • Promoted
Senior 3D Secure Implementation specialist
Art Technology and Software • Ghaziabad, IN
Client Implementation & Onboarding : .Lead end-to-end client 3DS implementations, including onboarding, integration, testing, and go-live for 3DS solutions.
Collaborate with cross-functional teams to ...Show more
Last updated: 26 days ago • Promoted
Cyber Security (SOC) - Team Lead
Sanganan IT Solutions Pvt Ltd. • Noida, Uttar Pradesh, India
Team Lead - Security Operations Center (SoC).WORK FROM NOIDA OFFICE, PLEASE DON'T APPLY IF YOU ARE LOOKING FOR HYBRID OR WORK FROM HOME.
Short notice period or immediate joiners are preferred.As the...Show more
Last updated: 30+ days ago • Promoted
SoC Chip Lead
NXP Semiconductors • Noida, Uttar Pradesh, India
MPU Engineering team defines and develops System on Chip, ASIC’s, Digital and Analog IP’s for a wide range of products, including automotive microprocessors, application processors, microcontroller...Show more
Last updated: 30+ days ago • Promoted
Threat Detection Engineer
Sanganan IT Solutions Pvt Ltd. • Noida, Republic Of India, IN
Managed Services & Support & Security Operations Center (SOC).SOC Team Lead / Head of Cybersecurity Services.WORK FROM NOIDA OFFICE, PLEASE DON'T APPLY IF YOU ARE LOOKING FOR HYBRID OR WORK FROM HO...Show more
Last updated: 16 hours ago • Promoted • New!
TAVS Tech Cyber Security Specialist / Engineer | Pune
DigiHelic Solutions Pvt. Ltd. • Ghaziabad, IN
Title : TAVS Tech Cyber Security Specialist.Strong hands-on experience with HashiCorp Vault (preferred) or CyberArk / CA PAM.
Good understanding of security protocols : HTTP / HTTPS, TLS, REST / SOAP, SAM...Show more
Last updated: 1 day ago • Promoted