In this role you will monitor, detect, analyze, and respond to security threats across the enterprise environment. You will work closely with the threat intelligence, incident response, and engineering teams to protect the company's infrastructure, data, and customers. The ideal candidate has solid SOC experience, a strong technical foundation in security tooling, and a proactive mindset toward identifying and mitigating risk.
Responsibilities:
- Monitor security events and alerts across SIEM, EDR, IDS/IPS, and cloud security platforms in real time
- Triage, investigate, and respond to security incidents following established incident response procedures and playbooks
- Perform root-cause analysis on security events and document findings, containment actions, and remediation steps
- Develop, tune, and maintain detection rules, correlation queries, and alerting logic to reduce false positives and improve signal fidelity
- Conduct threat hunting using threat intelligence feeds, the MITRE ATT&CK framework, and behavioral analytics
- Collaborate with IT, DevOps, and infrastructure teams to remediate vulnerabilities and harden systems and configurations
- Manage and operate security tools, including SIEM (Splunk, Microsoft Sentinel, or similar), EDR (CrowdStrike, SentinelOne, or similar), and vulnerability management platforms
- Support the development and continuous improvement of security operations runbooks, playbooks, and standard operating procedures
- Participate in tabletop exercises, red team/blue team engagements, and incident simulations
- Track and report on security metrics, key risk indicators (KRIs), and SOC performance to leadership
- Assist with forensic investigation of compromised endpoints, accounts, or network segments
- Stay current on the evolving threat landscape and proactively share intelligence with the security team
Qualifications:
- 3-5 years of experience in a Security Operations (SOC Analyst, Tier 2/3) or Security Engineer role
- Hands-on experience with SIEM platforms such as Splunk, Microsoft Sentinel, IBM QRadar, or similar
- Experience with EDR/XDR tools such as CrowdStrike Falcon, SentinelOne, Microsoft Defender for Endpoint, or Carbon Black
- Solid understanding of network security concepts, including firewalls, IDS/IPS, proxies, DNS security, and network traffic analysis
- Familiarity with cloud security monitoring for AWS, Azure, or GCP environments (CloudTrail, Security Hub, Defender for Cloud)
- Working knowledge of the MITRE ATT&CK framework and its application to detection engineering and threat hunting
- Experience with vulnerability management tools such as Tenable Nessus, Qualys, or Rapid7 InsightVM
- Proficiency in scripting (Python, PowerShell, Bash) for automation of security tasks, log parsing, and alert enrichment
- Understanding of the incident response lifecycle, digital forensics fundamentals, and chain-of-custody procedures
- Knowledge of security frameworks, including NIST CSF, CIS Controls, and ISO 27001
- Experience with ticketing and SOAR platforms (Splunk SOAR, Palo Alto XSOAR, ServiceNow SecOps) for case management and automation
- Strong analytical skills, with the ability to synthesize large volumes of data into actionable findings
- Excellent written and verbal communication skills; ability to convey technical findings to both technical and non-technical audiences
- Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a related field
- Certifications such as CompTIA CySA+, GIAC GCIA, GIAC GCIH, CEH, or Microsoft SC-200 preferred
- Experience with threat intelligence platforms (TIPs) and indicator-of-compromise (IOC) management is a plus
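The responsibilities above call for detection rules tuned to reduce false positives, and the qualifications ask for scripting to parse logs and enrich alerts. The following is an added illustration of what that looks like in practice; it is example code written for this page, not the employer's tooling. It runs a threshold-based password brute-force detection over constructed sshd log lines, suppresses a hypothetical allowlisted scanner to cut noise, and tags each surviving alert with an ATT&CK technique and an assumed asset-inventory lookup. The sample log lines, the allowlist, the asset table, and the threshold/window values are all constructed for the example.

```python
"""Added example (not from the job posting): a small detection,
tuning and enrichment pass over constructed sshd auth log lines.

Shows three things the posting names at a label level:
  1. a sliding-window threshold rule for password brute forcing,
  2. allowlist suppression of a known-benign source (false-positive tuning),
  3. enrichment of each alert with an ATT&CK technique ID and an asset tag.
"""

import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample input: syslog-style sshd lines (no year, so one is assumed).
SAMPLE_LOG = """\
Jan 14 10:00:01 web01 sshd[1201]: Failed password for root from 203.0.113.5 port 51234 ssh2
Jan 14 10:00:03 web01 sshd[1202]: Failed password for root from 203.0.113.5 port 51236 ssh2
Jan 14 10:00:05 web01 sshd[1203]: Failed password for invalid user admin from 203.0.113.5 port 51240 ssh2
Jan 14 10:00:06 web01 sshd[1204]: Failed password for invalid user admin from 203.0.113.5 port 51241 ssh2
Jan 14 10:00:08 web01 sshd[1205]: Failed password for oracle from 203.0.113.5 port 51244 ssh2
Jan 14 10:00:09 web01 sshd[1206]: Accepted password for admin from 203.0.113.5 port 51250 ssh2
Jan 14 10:02:00 web01 sshd[1210]: Failed password for deploy from 192.0.2.10 port 40000 ssh2
Jan 14 10:02:01 web01 sshd[1211]: Failed password for deploy from 192.0.2.10 port 40001 ssh2
Jan 14 10:02:02 web01 sshd[1212]: Failed password for deploy from 192.0.2.10 port 40002 ssh2
Jan 14 10:02:03 web01 sshd[1213]: Failed password for deploy from 192.0.2.10 port 40003 ssh2
Jan 14 10:02:04 web01 sshd[1214]: Failed password for deploy from 192.0.2.10 port 40004 ssh2
Jan 14 10:30:00 web01 sshd[1300]: Failed password for alice from 198.51.100.7 port 50000 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\d+\.\d+\.\d+\.\d+) port \d+"
)

# Hypothetical tuning and enrichment data; in a real SOC these come from a
# change ticket / exception register and the CMDB, not from the script.
ALLOWLIST = {"192.0.2.10": "authorized vulnerability scanner (exception on file)"}
ASSETS = {"web01": {"tier": "internet-facing", "owner": "platform-team"}}

THRESHOLD = 5                 # failures ...
WINDOW = timedelta(minutes=1)  # ... within this window per (host, source)


def parse(log_text, year=2024):
    """Turn raw lines into event dicts; lines that do not match are skipped."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append({"ts": ts, "host": m["host"], "result": m["result"],
                       "user": m["user"], "src": m["src"]})
    return events


def detect_bruteforce(events, threshold=THRESHOLD, window=WINDOW):
    """Sliding-window failure count per (host, src); one alert per pair.
    A later successful login from the same source after the alert fired is
    recorded, since that changes the severity from 'noisy' to 'likely compromise'."""
    failures = defaultdict(list)
    alerts = {}
    for ev in sorted(events, key=lambda e: e["ts"]):
        key = (ev["host"], ev["src"])
        if ev["result"] == "Failed":
            q = failures[key]
            q.append(ev)
            while q and ev["ts"] - q[0]["ts"] > window:   # drop events outside the window
                q.pop(0)
            if len(q) >= threshold and key not in alerts:
                alerts[key] = {"host": ev["host"], "src": ev["src"],
                               "first": q[0]["ts"], "last": ev["ts"],
                               "users": sorted({e["user"] for e in q}),
                               "success_after": False}
        elif ev["result"] == "Accepted" and key in alerts:
            alerts[key]["success_after"] = True
    return list(alerts.values())


def enrich_and_filter(alerts):
    """Tuning step (allowlist suppression) plus enrichment with ATT&CK and asset context."""
    out = []
    for a in alerts:
        if a["src"] in ALLOWLIST:      # known-benign source: suppress, do not page anyone
            continue
        asset = ASSETS.get(a["host"], {"tier": "unknown", "owner": "unknown"})
        a = dict(a, technique="T1110.001", tactic="Credential Access", asset=asset)
        a["severity"] = "high" if a["success_after"] else "medium"
        out.append(a)
    return out


def run(log_text=SAMPLE_LOG):
    return enrich_and_filter(detect_bruteforce(parse(log_text)))


if __name__ == "__main__":
    for alert in run():
        print(alert)
```

On the constructed input the raw rule fires twice (203.0.113.5 and 192.0.2.10); the allowlist removes the scanner, and the remaining alert is raised to high because a successful login from the same source followed the failures. The regex also accepts the `invalid user` form sshd emits for nonexistent accounts, which naive patterns often miss.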
Additional Information:
All your information will be kept confidential according to EEO guidelines.
Remote Work:
No
Employment Type:
Full-time