Talent.com
This job offer is not available in your country.
(Immediate joiners only)Senior Cybersecurity SOC Engineer – Threat Hunting & Incident Response

(Immediate joiners only)Senior Cybersecurity SOC Engineer – Threat Hunting & Incident Response

Triune Infomatics Incnoida, delhi, in
7 days ago
Job description

Role : Senior Cybersecurity SOC Engineer – Threat Hunting & Incident Response

Working Hours : Monday to Friday, 9 AM – 5 PM PST (U.S. Business Hours)

Reporting To : Security Operations (SecOps) Leader – USA

About the Role : We are seeking an elite Senior Cybersecurity SOC Engineer—a hands-on security expert with deep technical knowledge and proven experience in threat hunting, incident response, and SOC program maturity. This role will report directly to the SecOps Manager in India and requires someone who thrives in a collaborative environment and leads by example. If you are a true expert with Microsoft Sentinel, CrowdStrike, MDE, SOAR platforms, MITRE ATT&CK framework, APT detection, and scripting, this role offers a great opportunity to build and defend a modern SOC environment.

Please note : This is not a SOC Analyst role. Candidates must have 7-10+ years of hands-on SOC Engineer experience with deep threat hunting and incident response expertise. Must be available to work U.S. business hours (PST timezone).

Key Responsibilities :

  • Threat Hunting :
  • Lead proactive threat hunting initiatives aligned with MITRE ATT&CK framework to identify, investigate, and mitigate advanced threats and adversary behaviors.
  • Use telemetry from Microsoft Sentinel, CrowdStrike Falcon, MDE, and other tools to detect anomalies and emerging attack patterns.
  • Develop and optimize threat hunting queries and playbooks using KQL, Python, and PowerShell.
  • Continuously improve detection coverage to reduce dwell time and prevent breaches.
  • Incident Response :
  • Design, implement, and maintain an effective Incident Response (IR) program and playbooks covering APTs, ransomware, insider threats, and complex multi-stage attacks.
  • Lead investigations on high-fidelity security alerts, conduct root cause analysis, containment, eradication, and recovery.
  • Utilize CrowdStrike Falcon EDR (including RTR), Microsoft Defender for Endpoint, and Tenable for comprehensive endpoint and vulnerability correlation during incidents.
  • Perform network forensics and packet analysis using Fortinet and Palo Alto firewall logs.
  • Manage cloud security incidents within Azure (Azure Sentinel, Security Center) and Microsoft 365 environments.
  • Coordinate with internal teams and external partners for timely, coordinated response to security incidents.
  • SOC Engineering & Program Maturity :
  • Build and mature the SOC’s SIEM and SOAR architecture, detection engineering, and response automation.
  • Develop advanced detection logic, hunting queries, and automation workflows.
  • Mentor junior SOC members and act as a technical escalation point.
  • Collaborate with managed SOC partners and other security teams to enhance detection and response capabilities.

Required Experience & Skills :

  • 7+ years of hands-on experience in SOC engineering, with a strong focus on threat hunting and incident response.

    • Expertise in :

  • Microsoft Sentinel (SIEM & SOAR) and advanced KQL queries for hunting and IR
  • CrowdStrike Falcon EDR (RTR, IOAs, threat containment)
  • Microsoft Defender for Endpoint (MDE) telemetry and IR
  • Tenable vulnerability correlation during investigations
  • Fortinet and Palo Alto firewalls for forensic analysis
  • Microsoft Entra ID (Azure AD), SSO, Conditional Access, MFA security controls
  • Deep operational knowledge of MITRE ATT&CK for threat hunting, detection tuning, and adversary simulation.
  • Proven ability to analyze and respond to APTs, malware persistence, lateral movement, privilege escalation, command & control, and data exfiltration incidents.
  • Strong scripting skills (KQL, Python, PowerShell) for threat hunting automation and incident response workflows.
  • Experience with SOAR platforms integration and automation (Microsoft Sentinel SOAR, Palo Alto XSOAR).
  • Excellent communication, collaboration, and mentoring abilities.
  • Must be able to work U.S. business hours (PST timezone).

    • Preferred Certifications :

  • GCFA, GCIH, GCTI, CISSP, AZ-500, MS-500, or equivalent.
  • MITRE ATT&CK Defender (MAD), OSCP, or Red Team certifications are a strong plus.
    • Create a job alert for this search

    Cybersecurity Engineer • noida, delhi, in

    Related jobs
    • Promoted
    DevSecOps / AppSecOps Staff Engineer

    DevSecOps / AppSecOps Staff Engineer

    First American (India)narela, delhi, in
    Our people-first culture empowers bold thinkers and passionate technologists to solve real-world challenges through scalable architecture and innovative design. If you're driven by impact, thrive in...Show moreLast updated: 7 days ago
    • Promoted
    Technical Consultant – Cybersecurity

    Technical Consultant – Cybersecurity

    Embee SoftwareDelhi, India, India
    Job Description – Technical Consultant – Cybersecurity.The Deployment Engineer – Cybersecurity will play a key role in delivering Embee’s cybersecurity projects by applying deep technical expertise...Show moreLast updated: 18 days ago
    • Promoted
    Cloud Security Engineer

    Cloud Security Engineer

    AquanowMeerut, IN
    Aquanow, a leading infrastructure and liquidity provider that provides institutional and enterprise application platforms for digital assets, is looking for a Cloud Security Engineer to join our te...Show moreLast updated: 26 days ago
    • Promoted
    Cyber Security Engineer

    Cyber Security Engineer

    Vista Applied Solutions Group IncDelhi, IN
    Hiring Sr Cyber Security Engineer | Long Term Contract | Remote.Job Title : Sr Cyber Security Engineer – Product Security. Location : Mostly Indian business hours, some cross over with US and EU teams...Show moreLast updated: 7 days ago
    • Promoted
    Cyber Security Engineer

    Cyber Security Engineer

    YASH Technologiesnarela, delhi, in
    The AppSec Engineer is a specialized cybersecurity role focused on DevOps engineering principles.While the expectation of their sibling role – SAE – is to have practical working security knowledge,...Show moreLast updated: 24 days ago
    • Promoted
    Security Operations Center Analyst I - CrowdStrike / Endpoint Detection & Response

    Security Operations Center Analyst I - CrowdStrike / Endpoint Detection & Response

    NetConnect Private LimitedNoida
    Location : Noida Experience : 2 - 3 Years Notice Period : Immediate to 15 Days <...Show moreLast updated: 30+ days ago
    • Promoted
    Senior DevOps Security Engineer

    Senior DevOps Security Engineer

    JRD SystemsMeerut, IN
    We are seeking a highly skilled Senior DevOps / Platform Engineer to join our dynamic team.The ideal candidate will have extensive experience in managing and automating infrastructure, improving depl...Show moreLast updated: 4 days ago
    • Promoted
    Cybersecurity Expert

    Cybersecurity Expert

    CoforgeDelhi, India, India
    Ensure that the Client IT systems are secure, efficient, and compliant with relevant regulations and industry standards.Responsibility & Work Profile will include : Understanding the Project Require...Show moreLast updated: 18 days ago
    • Promoted
    Sailpoint Technologies - Senior DevSecOps Engineer - Security Operations Center

    Sailpoint Technologies - Senior DevSecOps Engineer - Security Operations Center

    Sailpoint Technologies India Pvt. LtdDelhi, IN
    Remote
    Job title : Senior DevSecOps Engineer.About SailPoint : SailPoint is the leader in identity security for the cloud enterprise. Our identity security solutio...Show moreLast updated: 30+ days ago
    • Promoted
    Cybersecurity Officer – SCG India

    Cybersecurity Officer – SCG India

    SCGNew Delhi, Delhi, India
    SCG’s entry into India emphasizes.The Cybersecurity Officer safeguards SCG’s systems, data, and networks against threats, ensuring. Monitor security alerts, incidents, and system vulnerabilities.Imp...Show moreLast updated: 18 days ago
    • Promoted
    NeoXam - DevSecOps Engineer

    NeoXam - DevSecOps Engineer

    NeoXamNoida
    Job Title : DevSecOps Required : 6- 8 : Type : Overview : We are seeking a seasoned D...Show moreLast updated: 24 days ago
    • Promoted
    Twilio - Senior Engineer - Cloud Security

    Twilio - Senior Engineer - Cloud Security

    Twilio Technology India Private LimitedDelhi, IN
    Remote
    Job Role / Title : Senior Engineer, Cloud Security Experience : 5 to 10 years Location : Remote <...Show moreLast updated: 5 days ago
    • Promoted
    Cyber Security Engineer - SIEM Tools

    Cyber Security Engineer - SIEM Tools

    HYI.AIDelhi, IN
    Remote
    Job Title : Remote Cybersecurity Engineer.Location : Remote / Hybrid (Preferred regions : EMEA, USA, UK, Japan).Experience : 27 years.Type : Full-time / Contr...Show moreLast updated: 30+ days ago
    • Promoted
    Security Operations Center Analyst - SIEM

    Security Operations Center Analyst - SIEM

    NetConnect Private LimitedNoida
    Location : Noida Experience : 2 - 3 Years Notice Period : Immediate to 15 Days <...Show moreLast updated: 30+ days ago
    • Promoted
    Sr. CyberArk Engineer

    Sr. CyberArk Engineer

    CyberSolveDelhi, IN
    CyberSolve is a fastest growing IAM Specialist firm in the US with aspirations of becoming the world's largest company in the IAM space. CyberSolve’s 350+ specialists solve interesting puzzles in IG...Show moreLast updated: 16 days ago
    • Promoted
    • New!
    IAM Senior Engineer – CyberArk / Privileged Access Management (PAM)

    IAM Senior Engineer – CyberArk / Privileged Access Management (PAM)

    PerfictMeerut, IN
    The IAM Senior Engineer will be responsible for the service design, build, deploy, and support of key elements of the Privileged Access Management (PAM) platform built leveraging the CyberArk Cloud...Show moreLast updated: 8 hours ago
    • Promoted
    • New!
    Security Engineer (Remote)

    Security Engineer (Remote)

    DigiHelic Solutions Pvt. Ltd.faridabad, haryana, in
    Remote
    We are looking for a proactive and experienced.In this role, you will design, implement, and maintain.The ideal candidate will have deep. Monitor cloud environments for.AWS-native and third-party to...Show moreLast updated: 5 hours ago
    • Promoted
    Threat Intelligence Lead

    Threat Intelligence Lead

    Resecuritynew delhi, delhi, in
    Resecurity is an American cybersecurity company based in Los Angeles, California.They specialize in providing next-generation endpoint protection and intelligence-driven cybersecurity solutions to ...Show moreLast updated: 30+ days ago
    • Promoted
    High Tech Infosystems - Senior Engineer - Cyber Security

    High Tech Infosystems - Senior Engineer - Cyber Security

    High Tech InfosystemsGurugram
    Job Title : Senior Engineer of exp : 10- 15 : Description : Are you a cybersecurity expert with hands-on...Show moreLast updated: 9 days ago
    • Promoted
    Senior Cloud Security Engineer - CASB / CSPM

    Senior Cloud Security Engineer - CASB / CSPM

    Digihelic Solutions Private LimitedDelhi, IN
    Remote
    We are seeking a highly skilled and experienced Senior Cloud Security Engineer with a specialization in Cloud Access Security Broker (CASB) environments. The ideal candidate will have deep subject m...Show moreLast updated: 14 days ago