SOC Content Detection Engineer

Confidential, Noida, India
10 days ago
Job description

WORK FROM NOIDA OFFICE, PLEASE DON'T APPLY IF YOU ARE LOOKING FOR HYBRID OR WORK FROM HOME

Department: Managed Services & Support & Security Operations Center (SOC)

Job Type: Full-Time

Reports To: SOC Team Lead / Head of Cybersecurity Services

Job Overview:

We are seeking a technically skilled and detail-oriented SOC Content Detection Engineer to lead the development, optimization, and governance of detection content across Microsoft Sentinel and Defender XDR platforms. This role is critical to ensuring high-fidelity alerting, minimizing false positives, and aligning detection logic with threat intelligence and MITRE ATT&CK frameworks. The ideal candidate will have deep experience in KQL, Sigma rule development, and SOC telemetry analysis within MSSP environments.

Key Responsibilities:

1. Detection Content Development

  • Design and implement custom detection rules using KQL, Sigma, and behavioral analytics.
  • Map detection logic to MITRE ATT&CK techniques and threat actor profiles.
  • Develop UEBA baselines and anomaly detection use cases.

2. Alert Tuning & Optimization

  • Analyze alert performance and lead biweekly tuning cycles to reduce false positives.
  • Collaborate with L2/L3 analysts to refine detection thresholds and suppression logic.
  • Maintain a detection content repository with version control and change logs.

3. Telemetry & Visibility Engineering

  • Conduct log source visibility reviews and telemetry gap analysis.
  • Recommend log onboarding priorities based on threat coverage and customer environments.
  • Validate parsing, normalization, and enrichment of ingested data.

4. Threat Intelligence Integration

  • Operationalize threat intelligence into detection content and hunt scenarios.
  • Integrate IOCs, TTPs, and threat actor indicators into rule logic and enrichment workflows.

5. Governance & Documentation

  • Maintain detection playbooks, rule documentation, and tuning reports.
  • Ensure detection content aligns with MSSP governance frameworks and audit requirements.
  • Support change control processes for rule deployment and rollback.

6. Collaboration & Enablement

  • Work closely with SOC analysts, onboarding consultants, and automation engineers.
  • Provide training and guidance on detection logic, rule writing, and tuning best practices.
  • Participate in incident post-mortems to identify detection gaps and improvement areas.

Required Skills & Qualifications:

1. Education

  • Bachelor's degree in Cybersecurity, Computer Science, or related field.

2. Certifications

  • Required: Microsoft Certified: Security Operations Analyst Associate
  • Preferred: MITRE ATT&CK Defender (MAD), GIAC (GCIA, GMON), CompTIA CySA+

3. Technical Skills

  • Expert-level proficiency in KQL, Microsoft Sentinel, and Defender XDR.
  • Experience with Sigma rule development, UEBA, and SIEM tuning.
  • Strong understanding of log source telemetry, data normalization, and alert lifecycle.
  • Familiarity with threat intelligence platforms and MITRE ATT&CK mapping.

4. Soft Skills

  • Analytical mindset with strong attention to detail.
  • Excellent documentation and presentation skills.
  • Ability to collaborate across technical and operational teams.
  • Fluent English communication skills (spoken and written).

Experience:

  • 5+ years in SOC or cybersecurity operations, with at least 2 years in detection engineering or SIEM content development.
  • Prior experience in MSSP environments or multi-tenant SOC platforms is highly preferred.

Skills Required:

  • Sigma
