Security Engineer - L2 (Immediate Joiner)
SHI Solutions India Pvt. Ltd.
2 - 5 years
Mumbai
Posted: 25/04/2026
Job Description
We are seeking a highly skilled Level 2 Security Engineer with broad, hands-on experience across multiple cybersecurity domains. The role involves designing, implementing, monitoring, and improving security controls across infrastructure, applications, networks, cloud environments, and enterprise systems.
The L2 Security Engineer will work closely with SOC, IT, DevOps, and GRC teams to detect threats, respond to incidents, reduce risk, and strengthen the organization's overall security posture.
Key Responsibilities (Across All Cybersecurity Domains)
1. Security Operations & Incident Response
- Act as an escalation point for L1 SOC analysts and handle complex security incidents.
- Perform deep-dive analysis of alerts from SIEM, EDR, NDR, IDS/IPS, and cloud security tools.
- Lead incident investigation, containment, eradication, and recovery efforts.
- Conduct malware, phishing, and account compromise investigations.
2. Network & Infrastructure Security
- Secure enterprise networks involving firewalls, VPNs, proxies, WAFs, load balancers, and IDS/IPS.
- Analyze network traffic related to TCP/IP, DNS, HTTP/S, SMTP, VPN protocols, and routing.
- Review firewall rules, network segmentation, and access controls.
- Support Zero Trust and network hardening initiatives.
3. Endpoint & Platform Security - Trellix
- Manage and tune EDR platforms across Windows and Linux environments.
- Implement OS hardening, patching, and baseline security configurations.
4. Vulnerability Management
- Conduct vulnerability assessments using tools such as Nessus or similar.
- Perform risk-based vulnerability analysis and prioritize remediation.
- Work with IT and DevOps teams to remediate findings.
- Track vulnerabilities, misconfigurations, and exceptions.
5. Governance, Risk & Compliance (GRC)
- Support compliance with standards such as ISO 27001, SEBI and internal security policies.
- Assist in risk assessments, audits, and control validation.
- Maintain security documentation, policies, and SOPs.
- Participate in tabletop exercises and security reviews.
6. Data Loss Prevention (DLP) - Forcepoint
- Configure and manage DLP policies across endpoint, email, cloud, and network channels.
- Investigate and respond to data exfiltration and insider threat incidents.
- Define and classify sensitive data (PII, PHI, financial, IP).
- Tune DLP rules to reduce false positives while maintaining data protection coverage.
- Work with legal, compliance, and business teams on data protection requirements.
7. Red Team Collaboration & Adversary Simulation
- Collaborate with Red Team / Purple Team during attack simulations.
- Support Breach and Attack Simulation (BAS) and penetration testing activities.
- Validate defensive controls against real-world attack techniques.
- Analyze red team findings and implement detection and mitigation improvements.
Required Skills & Qualifications
- Strong understanding of networking fundamentals (TCP/IP, DNS, HTTP/S, VPNs).
- Hands-on experience with SIEM, EDR/XDR, IDS/IPS, NDR, and security monitoring tools.
Immediate joiners can send their profile to rekha.srikumar@locuz.com
