Engineer III, Cybersecurity-2
Location
Bangalore | India
Job description
Demonstrates up-to-date expertise and applies this to the development, execution, and improvement of action plans by providing expert advice and guidance to others in the application of information and best practices; supporting and aligning efforts to meet customer and business needs; and building commitment for perspectives and rationales.
Provides and supports the implementation of business solutions by building relationships and partnerships with key stakeholders; identifying business needs; determining and carrying out necessary processes and practices; monitoring progress and results; recognizing and capitalizing on improvement opportunities; and adapting to competing demands, organizational changes, and new responsibilities.
Models compliance with company policies and procedures and supports company mission, values, and standards of ethics and integrity by incorporating these into the development and implementation of business plans; using the Open Door Policy; and demonstrating and assisting others with how to apply these in executing business processes and practices.
Your responsibilities shall include:
- Creating and maintaining detections in production and test environments.
- Conducting attack emulations to review and validate the efficacy of our detection capabilities.
- Working on EDRs and technologies such as MDATP, Tanium, CrowdStrike, Azure Sentinel, Google Chronicle, etc.
- Creating SOPs and playbooks.
- Prioritizing threat-detection creation needs using data and threat intel.
- Mentoring and training junior team members on detections and attack emulations.
What you'll bring:
- B.E./B.Tech/M.S./M.Tech/MCA with around 5 to 8 years of experience in a SOC.
- Hands-on experience required with tools such as EDR and SIEM (on-prem and cloud; Azure Sentinel and Google Chronicle preferred), SOAR, email security, incident management, firewall, IPS, correlation, and use-case development and deployment. Well versed in people, process and technology in the area of cybersecurity.
- Analysis and investigation skills such as malware analysis, phishing email analysis, network, endpoint, Windows and Linux operating system knowledge, and hands-on investigation experience.
- Good to have industry-level certifications such as CIH, CompTIA certifications, CEH and others as appropriate. Experience working with global teams.
- Experience writing detections across multiple platforms - KQL and YARA-L a plus.
- Experience with the ART (Atomic Red Team) community and framework.
- Critical thinking & investigative skills.
- Experience working collaboratively with global teams.
- Familiarity with security gap analysis using a framework like MITRE ATT&CK.
- Knowledge of adversary emulation using Atomic Red Team, or direct experience with red teaming/purple teaming.
- Process automation via scripting and/or SOAR.
- Python skills would have an added advantage.