Cyber security engineer

Job Title : - Cyber Security Engineer

Experience : 6 to 9 Years

Location : Hyderabad, Chennai

Virtual Drive : 10am to 4pm

Job Description :

Desired Competencies (Technical / Behavioral Competency)

Must-Have

(Ideally should not be more than 3-5)

Continuously monitor :

Monitor security alerts and events from various sources, including Microsoft Sentinel, Defender for Endpoint and Defender for Cloud.

Perform log management : Perform log ingestion, define use cases, and create alerts for critical assets.

Develop Detection Rules : Create, implement, and fine-tune analytical rules, alerts, and queries in Microsoft Sentinel and Defender to detect security incidents and reduce false positives.

Behavioral Analytics : Leverage user and entity behavior analytics (UEBA) to identify abnormal activities and enhance detection capabilities.

Customize Playbooks : Develop and customize automation playbooks in Sentinel and defender to streamline incident response processes and improve efficiency.

Threat Hunting : Using IOCs and threat intelligence, perform threat hunting across environment.

Incident Response

Analyze and investigate security incidents to identify potential threats.

Respond promptly to security incidents, provide initial analysis, conduct business impact assessment, isolate, eradicate and recover from threats.

Document and report incidents, ensuring accurate and comprehensive records.

Follow established incident response procedures, playbooks and contribute to their enhancement.

Testing and Validation

Participate in Blue\Red\Purple team exercises.

Participate in Cyber crisis simulations.

Participate in Table-top exercises.

Business Context and Risk Management

Understand the Business value chain.

Understand key Business processes.

Understanding the Business architecture and mapping to crown jewels (critical assets)

Risk management with the ability to conduct risk assessments when required.

Endpoint Detection and Response (EDR)

Manage and maintain endpoint security and compliance.

Perform daily health checks endpoint security and EDR solutions and remediate accordingly.

Conduct regular scans and assessments to identify and mitigate potential vulnerabilities.

Collaborate with IT teams to ensure endpoint security configurations align with organizational standards.

Good-to-Have Skills / Competencies

Communication : Excellent written and verbal communication skills in English, with the ability to effectively communicate technical information to both technical and non-technical audiences.

Collaboration : Willing and able to share knowledge and learn from colleagues

Time Management : Ability to work in independent environments under aggressive timelines and pressure.

Reporting skills : Outstanding written skills for preparing email feedback and incident reports

Ability to manage stress and pressure.

Passion for continuous learning and development

A “go getter” who is willing to go the extra mile to identify problems and recommend innovative solutions.

SN

Responsibility of / Expectations from the Role

Must have 4+ years’ experience in a SOC or Cybersecurity related role.

Candidates with the following technology experiences will be preferred : Microsoft Defender XDR, EDR, JAMF, Symantec DCS, DNS, network security, Online Brand Protection platforms, Mimecast, Symantec DLP, Next DLP, Forti Analyzer, Sophos, Crowd Strike and Azure Sentinel.

Experience with common information technologies (Windows, VMware, and Cisco as well as some UNIX, Linux).

Experience with security tools (WAF, Proxy, DNS, IDS, firewalls, anti-virus, data loss prevention, Azure Entra ID, IAM, PAM, MFA, NAC, DLP).

Knowledge of Cloud Security Operations (Saa S, Paa S, Iaa S), Mobile Architecture, Network and Application Security and / or Data Protection.

Effective verbal and written communication skill