Senior Engineer - SOC JD - Updated V 10

The document outlines a job description for a Senior Engineer - IT Security position in Pune, India, focusing on protecting the organization's IT infrastructure through monitoring and responding to security threats. Key responsibilities include incident analysis, log investigation, incident response, and collaboration with various teams to enhance security posture. The role requires a minimum of 5 years of experience in security operations, strong technical skills, and preferred certifications in cybersecurity.

Uploaded by

Gowtham Sagar

Position: Senior Engineer-IT Security

Job Location: Pune, India

Role Overview/Your Impact

We are looking for a highly skilled and detail-oriented Senior Engineer – IT Security to join our Security Operations Center (SOC) team. As a Senior Engineer, you will be responsible for protecting the organization's IT infrastructure by monitoring, identifying, and responding to security threats, weaknesses, and vulnerabilities. You will manage security tools for advanced analysis and investigation of security logs from sources such as firewalls, intrusion detection/prevention systems (IDS/IPS), servers, applications, and other security devices. You will be expected to identify, investigate, and respond to security incidents, provide deep technical analysis, and work closely with other teams to improve the organization's overall security posture.

What does the team do

The Security Operations Center (SOC) team plays a critical role in safeguarding an organization's IT
infrastructure by actively monitoring, detecting, responding to, and mitigating cybersecurity threats in
real time. This team's primary responsibility is to maintain a robust security posture, ensuring the
integrity, confidentiality, and availability of systems, networks, and data.

What will you do

- Acknowledge, analyze, and validate incidents triggered by multiple security tools such as IDS/IPS, Web Application Firewall, firewalls, Endpoint Detection & Response tools, and events surfaced through the SIEM solution.
- Acknowledge, analyze, and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.
- Collect the logs needed to support incident containment and security investigation.
- Escalate validated and confirmed incidents.
- Understand the structure and meaning of logs from different log sources such as firewalls, IDS/IPS, WAF, Domain Controllers, Cloudflare, XDR solutions, Microsoft Office 365, etc.
- Open incidents in the ticketing platform to report the alarms triggered or threats detected.
- Track and update incidents and requests as new information arrives, and produce root cause analyses.
- Report IT infrastructure issues to the IMS Team.
- Work with vendors to resolve security issues.
- Log Analysis and Investigation:
  - Analyze large volumes of security logs from multiple sources (e.g., network devices, firewalls, IDS/IPS, SIEM tools) to identify potential security incidents, threats, and vulnerabilities.
  - Perform in-depth investigations of suspicious activities to identify the root cause and potential impact.
  - Prioritize and escalate incidents based on severity and risk.
- Incident Response:
  - Lead the investigation and resolution of security incidents, coordinating with L1 and L2 teams as necessary.
  - Provide detailed analysis and actionable intelligence to stakeholders to guide remediation efforts.
  - Track incidents through to resolution and closure, ensuring all documentation is accurate and complete.
  - Maintain incident response procedures and SOPs.
- Threat Intelligence Integration:
  - Use threat intelligence feeds and other external resources to enhance log analysis and identify emerging threats.
  - Correlate internal data with external threat intelligence to identify new attack vectors and trends.
- Tools & Technologies:
  - Utilize SIEM tools (e.g., LogRhythm) to perform advanced log searches, filtering, and correlation.
  - Work with other SOC tools such as ticketing systems, network monitoring solutions, email monitoring, and endpoint security tools.
- Collaboration & Reporting:
  - Collaborate with SOC teams, IT teams, and management to provide detailed incident reports and security assessments.
  - Develop and maintain documentation, playbooks, and procedures to improve the efficiency of the SOC.
  - Provide mentorship and training to junior analysts (L1/L2).
- Continuous Improvement:
  - Analyze and improve SOC processes, workflows, and detection methodologies to enhance overall efficiency and security posture.
  - Regularly update and review log sources, collection mechanisms, and detection rules to adapt to changing threat landscapes.
- Perform other duties as assigned.

Required Skills & Qualifications

- Experience:
  - Minimum of 5 years of experience in a security operations environment with a focus on log analysis, incident response, and threat detection.
  - Strong knowledge of security concepts and technologies such as firewalls, IDS/IPS, antivirus, vulnerability scanners, encryption, and network protocols.
  - Experience working with SIEM tools such as LogRhythm.
- Technical Skills:
  - Strong knowledge of networking protocols (TCP/IP, HTTP, DNS, etc.) and the ability to analyze traffic and logs.
  - Experience with log parsing, log correlation, and log analysis at an advanced level.
  - Familiarity with scripting languages (e.g., Python, PowerShell) for automating tasks and log analysis.
  - Strong understanding of the security incident response lifecycle, including containment, eradication, and recovery.
- Certifications (Preferred):
  - Certified Incident Handler (GCIH)
  - Certified SOC Analyst (CSA)
  - Certified Ethical Hacker (CEH)
- Soft Skills:
  - Strong analytical and problem-solving abilities.
  - Ability to work under pressure in a high-stress, fast-paced environment.
  - Strong written and verbal communication skills for preparing reports and interacting with teams across the organization.
  - Excellent attention to detail and a proactive approach to identifying and addressing security issues.

Our culture

Behind every great human achievement is a team. In that spirit, Sakon brings together the most seasoned and diverse collection of world-class engineers, telecom service practitioners, and CPAs. Our global managed services teams are filled with passionate and committed innovators and operators, all of whom are focused on ensuring customers achieve a great service experience, with a smile.

Benefits and Perks

- Flexible Holiday Policy (choose your own holidays)
- Hybrid Working Options
- Life & Medical Insurance
- Focus on Skill Development, Reimbursement for Certifications
- Wi-Fi and Mobile Bill Reimbursement
- Employee Wellbeing Activities

How to Apply and Interview Process

To apply, kindly share the resume with talentacquisition@sakon.com.

If your profile is shortlisted, you will be invited to complete a communication test followed by interviews.
