Associate Technical Engineer – Cybersecurity

General InformationReq #WD00088843Career area : ServicesCountry / Region : IndiaState : KarnatakaCity : BANGALOREDate : Monday, September 29, 2025Working time : Full-timeAdditional Locations :

• India - Karnātaka - Bangalore
• India - Karnātaka - BANGALOREWhy Work at LenovoWe are Lenovo. We do what we say. We own what we do. We WOW our customers.Lenovo is a US$69 billion revenue global technology powerhouse, ranked #196 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world’s largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services. Lenovo’s continued investment in world-changing innovation is building a more equitable, trustworthy, and smarter future for everyone, everywhere. Lenovo is listed on the Hong Kong stock exchange under Lenovo Group Limited (HKSE : 992) (ADR : LNVGY).This transformation together with Lenovo’s world-changing innovation is building a more inclusive, trustworthy, and smarter future for everyone, everywhere. To find out more visitwww.Lenovo.Com, and read about the latest news via our StoryHub.Description and RequirementsJob DescriptionSecurity Operations Centre (SOC) Analyst plays a vital role in Security delivery. As a SOC Analyst Level 3, you will be on the front line of Cyber Defense, detecting & responding to Cyber Incidents as they happen. You will work with other team members to provide situational awareness through detection, containment, and remediation of IT threats. This job requires great attention to detail and general awareness of Cyber Security tools like SIEM, XDR, EDR, IDS / IPS, ability understand various logs – network logs, sys logs, Firewall logs. As a SOC Analyst you are expected to have working knowledge in areas of networking, malware analysis, incident response, vulnerability management.Threat & vulnerability analysisInvestigate, document & report Information security issues & emerging trendsAnalysis & response to unknown vulnerabilitiesResponsibilitiesAs a SOC Analyst – Level 3, you will : Operate as detection and security incident response subject-matter expertTechnical subject-matter expert in SOC / SIEM and supporting technologies (EDR, UEBA, etc.) to develop custom queries (e.G., KQL) and playbooks for the SOC analysts to utilize in their investigations.Align and maintain detection capability to the Mitre attack framework.Perform root cause analysis of detection failures, identify areas for improvement.Drive the continuous development of detection capability for SOCManage, investigate, and resolve complex issues with the Security tooling.Securely configure the SIEM, and other SOC solutions in accordance with relevant policy and regulationSupport the Threat hunters in executing complex data analysis.Provide a point of escalation for SOC / security detection technical service issues.Ensure the relevant security tools are compliant with company standards and governance.Contribute to existing Policy, procedures and process documentation enhancementsDefine and implement technical governance processes for security tooling of SOC, SIEM and other security tools including AV, EDR, Defender Cloud.Create and review detection technology high and low level designs.Propose and identify automation opportunities resulting from incidents;

Provide recommendationsto the Client team, on how to mitigate or avert the occurrence of any suspicious activity within their environment.Provide In depth analysis to the user / customer about the security incidents (eg. Phishing attack)Troubleshoot connector / logger / Manager for log retrievalsPrepare SOC Management Reports.Analyzing & preparing daily and monthly reports based on the devices which are being monitoredCreating Reports and Dashboards based on the customer requirement.Creating Queries for the Rules requested by client for real time alerts.Creating Reports which helps in providing the logs for the alerts, for finding any possible threats.Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths.Independently follow procedures to contain, analyze, and eradicate malicious activity.Change Management / Implementation : Independently implement changes to meet customer infrastructure needs within area of technical responsibilityPatch and Security Management : Apply patch and security changes per policy.Configuration Management : Review Configuration Management Database (CMDB) entries to ensure they are complete and accurate.Quality : Provide continual improvement recommendations for direct responsibility area (process improvement, technical standard updates, etc).Project Management : Lead & participate in customer and internal projects, including transformation.Customer Relationship Management : Set expectations with customers and / or internal businesses / end users within defined parameters.Teamwork : Work as part of a team, which may be virtual and / or global. Participate as part of a team and maintains good relationships with team members and customersSkill8 - 12 years of relevant experienceTypical skills include : Fine-tune SIEM and other SOC tooling to exclude noise and false positivesCreate and fine-tune content in SIEM - correlation rules, Dashboard and Reports etcInteract with SIEM, EDR and NDR vendors (TAC Support) to remediate any issues with toolingEvaluate new solutions for SOCIdentify opportunities to improve overall capacity, playbook and runbookUnderstanding of threat landscapes and threat modelling, security threat and vulnerability management, and security monitoringWorking knowledge of tools and techniques used by attackers to gain entry into corporate networks, including common IT system flaws and vulnerabilities.Knowledge of industry standards such as ISO 27001, HIPAA, FedRAMP, Cloud Security Alliance, NIST frameworks and risk methodologiesDemonstrated experience in communicating complex security concepts, both verbally and in writing, to a variety of audiencesMust take ownership of tasks and demonstrate high degree of autonomy to ensure completionExcellent understanding of related technologies (Networking, Operating Systems)General Project Management (Expert)Customer / Vendor Management (IExpert)Business Analysis (Expert)Has ability to perform / drive resolution of problems on individual products.Able to communicate broad and specific concepts with team and to peers.Able to produce documentation for use by team and customer.Able to perform / drive resolution of problems on combinations and interactions of productsStrong verbal & written communication skillsProactive approach to meet & exceed goalsQualification & ExperienceBachelor’s degree in engineering (Electronics, Communication, Computer Science)8 - 12 years of relevant experience in SOC domainStrong understanding ITIL processRecognized Cyber Security certifications, such as CISSP, CISM, SANS, SABSA, OSCP are advantageous.Microsoft Security and compliance certifications such as SC-200, MS-500 and AZ-500 preferredAdditional Locations :