Sr SOC Engineer

What you'll do

• 1.      Security Monitoring and Analysis:
• Monitor security alerts and events from various sources, including SIEM (Security Information and Event Management) tools.
• Conduct in-depth analysis of security incidents to determine the scope, impact, and severity.


• 2.      Incident Triage and Investigation:
• Ability to identify abuse/ Fraud patterns on Cloud Platform
• Perform initial triage of security incidents, prioritizing and escalating as necessary.
• Conduct detailed investigations to identify the root cause of security incidents and recommend remediation actions.
• Collaborate with the team to mitigate and counteract threats.


• 3.      Threat Detection and Analysis:
• Utilize threat intelligence and analyse patterns to detect emerging cybersecurity threats.
• Collaborate with other SOC analysts and teams to improve detection capabilities.
• Investigate signs of compromise, utilizing your problem-solving skills and knowledge of cyber-attacks and data analysis (phishing, Ransomware, account compromise, DDOS)
• Zero-day attack analysis and control, Analyse end user system for attack related incidents and share RCA


• 4.      Incident Response:
• Assist in coordinating and executing incident response procedures.
• Strong understanding of cybersecurity concepts, attack vectors, and defence mechanisms.
• Analytical mindset and the ability to think critically under pressure.


• 5.      Documentation and Reporting:
• Document incident details, investigation, analysis findings, and response actions.
• Generate and communicate incident reports to relevant stakeholders.
• Preparing disaster recovery plans / tabletop exercise / PEN Test / weekly monthly metric reports


• 6.      Tool Management:
• Operate and manage security tools, including sumo logic, defender, Qualys, Sophos, O365, Phislabs, Litmos, Service desk, Jira, confluence, datadog
• Recommend improvements to enhance the effectiveness of security tools.
• Developing, configuring, and deploying monitoring tools and scripts for applications and systems
• Exposure on Terraform, Git, workflow






• 7.      Business Support:
• Participate in business and technology initiatives, contributing as an information security professional to define security-related processes and procedures.
• Engage in internal and third-party audits of the company’s information security policies, procedures, and operational duties, supporting remediation efforts as necessary.
• Collaborating with product development, information technology (IT) and architecture teams to evaluate and implement new services based on requirements.




• 8.      Projects:
• Coordinate and execute security projects aligned with the global security strategy, evaluating the security posture of the company and related data assets.
• Stay informed on the latest information security technologies, methodologies, and events, providing feedback on the security aspects or impact of non-security-related technology.
• Liaise with external vendors and service providers to ensure the efficacy of security solutions and services.

What you'll bring:

• Qualification:
• Bachelor’s degree (or equivalent experience) in Computer Science,
• Engineering, or related technical field.
• 5-8 years of direct information security experience in a global IT environment, with proficiency in at least 2 of the 10 security domains.
• Experince on public cloud technology (AWS ,Azure, GCP ) & some cloud automations
• Certification: CompTIA Security+, Certified Ethical Hacker (C|EH), CSAor equivalent are highly desirable.