This job offer is not available in your country.
(Immediate joiners only)Senior Cybersecurity SOC Engineer – Threat Hunting & Incident Response
Triune Infomatics Incghaziabad, uttar pradesh, in7 days ago
Job description7+ years of hands-on experience in SOC engineering, with a strong focus on threat hunting and incident response. Microsoft Sentinel (SIEM & SOAR) and advanced KQL queries for hunting and IR CrowdStrike Falcon EDR (RTR, IOAs, threat containment) Microsoft Defender for Endpoint (MDE) telemetry and IR Tenable vulnerability correlation during investigations Fortinet and Palo Alto firewalls for forensic analysis Microsoft Entra ID (Azure AD), SSO, Conditional Access, MFA security controls Deep operational knowledge of MITRE ATT&CK for threat hunting, detection tuning, and adversary simulation. Proven ability to analyze and respond to APTs, malware persistence, lateral movement, privilege escalation, command & control, and data exfiltration incidents. Strong scripting skills (KQL, Python, PowerShell) for threat hunting automation and incident response workflows. Experience with SOAR platforms integration and automation (Microsoft Sentinel SOAR, Palo Alto XSOAR). Excellent communication, collaboration, and mentoring abilities. Must be able to work U.S. business hours (PST timezone). GCFA, GCIH, GCTI, CISSP, AZ-500, MS-500, or equivalent. MITRE ATT&CK Defender (MAD), OSCP, or Red Team certifications are a strong plus.
Role : Senior Cybersecurity SOC Engineer – Threat Hunting & Incident Response
Working Hours : Monday to Friday, 9 AM – 5 PM PST (U.S. Business Hours)
Reporting To : Security Operations (SecOps) Leader – USA
About the Role : We are seeking an elite Senior Cybersecurity SOC Engineer—a hands-on security expert with deep technical knowledge and proven experience in threat hunting, incident response, and SOC program maturity. This role will report directly to the SecOps Manager in India and requires someone who thrives in a collaborative environment and leads by example. If you are a true expert with Microsoft Sentinel, CrowdStrike, MDE, SOAR platforms, MITRE ATT&CK framework, APT detection, and scripting, this role offers a great opportunity to build and defend a modern SOC environment.
Please note : This is not a SOC Analyst role. Candidates must have 7-10+ years of hands-on SOC Engineer experience with deep threat hunting and incident response expertise. Must be available to work U.S. business hours (PST timezone).
Key Responsibilities :
- Threat Hunting :
- Lead proactive threat hunting initiatives aligned with MITRE ATT&CK framework to identify, investigate, and mitigate advanced threats and adversary behaviors.
- Use telemetry from Microsoft Sentinel, CrowdStrike Falcon, MDE, and other tools to detect anomalies and emerging attack patterns.
- Develop and optimize threat hunting queries and playbooks using KQL, Python, and PowerShell.
- Continuously improve detection coverage to reduce dwell time and prevent breaches.
- Incident Response :
- Design, implement, and maintain an effective Incident Response (IR) program and playbooks covering APTs, ransomware, insider threats, and complex multi-stage attacks.
- Lead investigations on high-fidelity security alerts, conduct root cause analysis, containment, eradication, and recovery.
- Utilize CrowdStrike Falcon EDR (including RTR), Microsoft Defender for Endpoint, and Tenable for comprehensive endpoint and vulnerability correlation during incidents.
- Perform network forensics and packet analysis using Fortinet and Palo Alto firewall logs.
- Manage cloud security incidents within Azure (Azure Sentinel, Security Center) and Microsoft 365 environments.
- Coordinate with internal teams and external partners for timely, coordinated response to security incidents.
- SOC Engineering & Program Maturity :
- Build and mature the SOC’s SIEM and SOAR architecture, detection engineering, and response automation.
- Develop advanced detection logic, hunting queries, and automation workflows.
- Mentor junior SOC members and act as a technical escalation point.
- Collaborate with managed SOC partners and other security teams to enhance detection and response capabilities.
Required Experience & Skills :
Expertise in :
Preferred Certifications :
Create a job alert for this search
Cybersecurity Engineer • ghaziabad, uttar pradesh, in
Related jobs
Job title : Senior DevSecOps Engineer.About SailPoint : SailPoint is the leader in identity security for the cloud enterprise.
Our identity security solutio...Show moreLast updated: 30+ days ago
Job Role / Title : Senior Engineer, Cloud Security Experience : 5 to 10 years Location : Remote <...Show moreLast updated: 5 days ago
Job Title : Remote Cybersecurity Engineer.Location : Remote / Hybrid (Preferred regions : EMEA, USA, UK, Japan).Experience : 27 years.Type : Full-time / Contr...Show moreLast updated: 30+ days ago
We are seeking a highly skilled and experienced Senior Cloud Security Engineer with a specialization in Cloud Access Security Broker (CASB) environments.
The ideal candidate will have deep subject m...Show moreLast updated: 14 days ago
Seeking a dynamic and experienced professional to lead its Cyber Security Practice, with core expertise in vulnerability management, DevSecOps, penetration testing, application and network security...Show moreLast updated: 30+ days ago
- Promoted
Cybersecurity Expert
CoforgeDelhi, India, India Ensure that the Client IT systems are secure, efficient, and compliant with relevant regulations and industry standards.Responsibility & Work Profile will include : Understanding the Project Require...Show moreLast updated: 18 days ago
- Promoted
(Immediate joiners only)Senior Cybersecurity SOC Engineer – Threat Hunting & Incident Response
Triune Infomatics Incnoida, delhi, in Role : Senior Cybersecurity SOC Engineer – Threat Hunting & Incident Response.Working Hours : Monday to Friday, 9 AM – 5 PM PST (U.
Reporting To : Security Operations (SecOps) Leader – USA.We are seeki...Show moreLast updated: 7 days ago
- Promoted
SOC
ConfidentialGurgaon / Gurugram, Delhi, Noida Minimum 2-12 years of professional experience in cybersecurity, with experience in a SOC environment.Deep understanding of networking, system administration, cloud environments (AWS / Azure / GCP) and ...Show moreLast updated: 8 days ago
- Promoted
SOC Engineer
ConfidentialDelhi As an Email Security Engineer, you will be working as an individual contributor to work with a dynamic team of Threat hunters working 24x7.
You should have 3-4 years of experience in cyber security....Show moreLast updated: 30+ days ago
- Promoted
SOC L3 Analyst
ConfidentialGurgaon / Gurugram We are seeking a highly experienced SOC L3 Analyst to strengthen our Security Operations Center.The ideal candidate will have advanced expertise in monitoring, analyzing, and mitigating cybersecuri...Show moreLast updated: 30+ days ago
- Promoted
Senior SOC Analyst Level 3
ConfidentialGurgaon / Gurugram What will your essential responsibilities include.Take full ownership of incidents escalated by Level 2 analysts.Conduct complex investigations and provide advice to L2 SOC analysts.Develop customi...Show moreLast updated: 17 days ago
- Promoted
Advanced Cyber Sec Archt / Engr
ConfidentialNoida Drive secure architecture design and risk assessment for embedded avionics systems.Guide development teams on implementing multilayer security controls and secure coding practices.Conduct threat mo...Show moreLast updated: 25 days ago
- Promoted
Sailpoint Technologies - Senior DevSecOps Engineer - Security Operations Center
Sailpoint Technologies India Pvt. LtdDelhi, INRemote
- Promoted
SOC Level 1 Engineer
ConfidentialDelhi SIEM,VAPT tools,Forensic Analysis,Incident Handling,log analysis, monitoring, detecting and investigating security incidents and breaches,networking protocols and cyber security concepts Preparatio...Show moreLast updated: 16 days ago
- Promoted
SOC Lead
ConfidentialDelhi, India Lead and manage the Security Operations Center (SOC), ensuring effective monitoring, detection, analysis, and response to cybersecurity threats and incidents across the organization.Define and impl...Show moreLast updated: 8 days ago
- Promoted
NeoXam - DevSecOps Engineer
NeoXamNoida Job Title : DevSecOps Required : 6- 8 : Type : Overview : We are seeking a seasoned D...Show moreLast updated: 24 days ago
- Promoted
Twilio - Senior Engineer - Cloud Security
Twilio Technology India Private LimitedDelhi, INRemote
- Promoted
Cyber Security Engineer - SIEM Tools
HYI.AIDelhi, INRemote
- Promoted
Security Operations Center Analyst - SIEM
NetConnect Private LimitedNoida Location : Noida Experience : 2 - 3 Years Notice Period : Immediate to 15 Days <...Show moreLast updated: 30+ days ago
- Promoted
SOC Analyst
ConfidentialGurugram, Gurgaon / Gurugram, India Location : Gurugram / Rotational Shift.Immediate joiner with less than 15 days&apos notice period.We are Hiring for SOC Analyst L1, L2 and L3.
Security Operations Center (SOC) Duties : .Monitor, analyz...Show moreLast updated: 8 days ago
- Promoted
Sr. SOC Engineer (Red Teaming & Web Application Security Specialist)
ConfidentialNoida, India This job is with Hitachi Digital Services, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community.
Please do not contact the recruiter directly...Show moreLast updated: 8 days ago
- Promoted
High Tech Infosystems - Senior Engineer - Cyber Security
High Tech InfosystemsGurugram Job Title : Senior Engineer of exp : 10- 15 : Description : Are you a cybersecurity expert with hands-on...Show moreLast updated: 9 days ago
- Promoted
Senior Cloud Security Engineer - CASB / CSPM
Digihelic Solutions Private LimitedDelhi, INRemote
- Promoted
SOC Analyst Level 2
ConfidentialGurgaon / Gurugram What will your essential responsibilities include.Act as an escalation point for Level 1 analysts and contribute to the Level 1 capability.
Deep dive analysis of escalated alerts to understand impac...Show moreLast updated: 17 days ago
Director - Cybersecurity and Devops ( DevSecOps,)
Talent WorxGurugram, HR, INQuick Apply