Cyber Security Engineer

Title: Platform Engineer

Experience: 6+ years

Shift : General Shift , Cab facility is available

Mode of work: 5 days - work from office.

• Design and develop detection rules and policies to identify cybersecurity threats across a wide range of platforms and technologies.
• Lead the design, development, and deployment of high-fidelity threat detection mechanisms across our diverse technology stack, including on-premise, cloud (AWS, Azure, GCP), and SaaS environments.
• Collaborate with security analysts, threat hunt, and threat intelligence to understand emerging threats and devise effective detection strategies.
• Validate and tune detection content to minimize false positives and ensure high accuracy and efficiency.
• Stay update of the latest cybersecurity trends, tools, and technologies to continuously improve detection methodologies.
• Work directly with clients to onboard their environments onto our platform and integrate data sources, guiding them through the process.
• Document detection processes, create reports on security metrics, and communicate findings to stakeholders
• Good understand on network infrastructure, security and devices i.e. Firewalls, EDR, Email Security, Proxy, DLP, and IDS/IPS

Qualifications:

• Bachelors degree in Computer Science, Information Security, or a related field.
• At least 5 years of experience in cybersecurity, with a focus on threat detection, analysis, and incident response
• Strong knowledge of security information and event management (SIEM) systems, log management solutions, and detection platforms.
• Familiarity with attack patterns, tactics, techniques, and procedures (TTPs) used by cyber adversaries - MITRE and Cyber Kill Chain
• Experience with cloud security and understanding of cloud-based threat detection strategies.
• Strong communication and collaboration skills, with the ability to work effectively in a team environment and interact with clients
• Collaborate with Security Operations team on developing and automating alert response processes and playbooks
• Knowledge of security tools and technologies, such as SIEM, CSPM, EDR/XDR, SOAR, WAF, and IDS/IPS.
• Professional security certifications such as OSCP, GIAC (e.g. GCIH, GCIA), CISSP, or other relevant certifications are highly valued.
• Hands-on experience with SIEM platforms for log management and alerting. Ex: Splunk, Elastic Stack (ELK/Security Onion), IBM QRadar, Securonix, Wazuh or Azure Sentinel. Ability to create SIEM queries, dashboards, and integrate new data sources