(Immediate joiners only)Senior Cybersecurity SOC Engineer – Threat Hunting & Incident Response

Role : Senior Cybersecurity SOC Engineer – Threat Hunting & Incident Response

Working Hours : Monday to Friday, 9 AM – 5 PM PST (U.S. Business Hours)

Reporting To : Security Operations (SecOps) Leader – USA

About the Role : We are seeking an elite Senior Cybersecurity SOC Engineer—a hands-on security expert with deep technical knowledge and proven experience in threat hunting, incident response, and SOC program maturity. This role will report directly to the SecOps Manager in India and requires someone who thrives in a collaborative environment and leads by example. If you are a true expert with Microsoft Sentinel, CrowdStrike, MDE, SOAR platforms, MITRE ATT&CK framework, APT detection, and scripting, this role offers a great opportunity to build and defend a modern SOC environment.

Please note : This is not a SOC Analyst role. Candidates must have 7-10+ years of hands-on SOC Engineer experience with deep threat hunting and incident response expertise. Must be available to work U.S. business hours (PST timezone).

Key Responsibilities :

• Threat Hunting :
• Lead proactive threat hunting initiatives aligned with MITRE ATT&CK framework to identify, investigate, and mitigate advanced threats and adversary behaviors.
• Use telemetry from Microsoft Sentinel, CrowdStrike Falcon, MDE, and other tools to detect anomalies and emerging attack patterns.
• Develop and optimize threat hunting queries and playbooks using KQL, Python, and PowerShell.
• Continuously improve detection coverage to reduce dwell time and prevent breaches.
• Incident Response :
• Design, implement, and maintain an effective Incident Response (IR) program and playbooks covering APTs, ransomware, insider threats, and complex multi-stage attacks.
• Lead investigations on high-fidelity security alerts, conduct root cause analysis, containment, eradication, and recovery.
• Utilize CrowdStrike Falcon EDR (including RTR), Microsoft Defender for Endpoint, and Tenable for comprehensive endpoint and vulnerability correlation during incidents.
• Perform network forensics and packet analysis using Fortinet and Palo Alto firewall logs.
• Manage cloud security incidents within Azure (Azure Sentinel, Security Center) and Microsoft 365 environments.
• Coordinate with internal teams and external partners for timely, coordinated response to security incidents.
• SOC Engineering & Program Maturity :
• Build and mature the SOC’s SIEM and SOAR architecture, detection engineering, and response automation.
• Develop advanced detection logic, hunting queries, and automation workflows.
• Mentor junior SOC members and act as a technical escalation point.
• Collaborate with managed SOC partners and other security teams to enhance detection and response capabilities.

Required Experience & Skills :

Expertise in :

Preferred Certifications :