Security Operations Center Engineer

We are seeking a dedicated Security Operations Center Engineer to join our team in Mumbai, India. In this role, you will be instrumental in monitoring and responding to security threats, contributing to a robust cybersecurity posture.

• Monitor and analyze alerts, logs, and events from SIEM, EDR, Firewalls, IDS/IPS, WAF, and other security tools to detect anomalous activities.
• Perform initial triage of alerts to validate real incidents, dismiss false positives, and investigate suspicious network and system activities.
• Support the investigation of security incidents by documenting impact, root cause, and remediation steps.
• Collaborate with IT, Infra, and DevOps teams for containment, mitigation, and recovery efforts, escalating critical issues promptly.
• Stay abreast of emerging threats, advisories, and CVEs, and assist in basic threat hunting through log analysis and pattern identification.
• Maintain accurate incident tickets and investigation records, generate weekly/monthly SOC reports, and update SOC Standard Operating Procedures (SOPs), playbooks, and knowledge bases.
• Ensure all security operations adhere to cybersecurity policies, industry standards, and regulatory requirements.
• Assist in audits by providing evidence collection and supporting compliance-related tasks.

Required Qualifications:

• 1 to 3 years of professional experience in a Security Operations Center (SOC) or a related cybersecurity field.
• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a closely related discipline.
• Hands-on experience with SIEM and EDR tools.
• Solid understanding of firewall logs, antivirus alerts, and fundamental network security principles.
• Proficiency in log analysis on Windows/Linux operating systems.
• Familiarity with the MITRE ATT&CK framework, cyber kill chain methodology, and common attack vectors.
• Strong analytical and correlation skills for complex security events, with the ability to adapt to evolving threat landscapes.
• Excellent problem-solving, analytical, and decision-making capabilities.
• Effective written and verbal communication skills, with a knack for clear documentation.
• Ability to work collaboratively with cross-functional teams and maintain a proactive, learning-oriented mindset.
• Relevant certifications such as CompTIA Security+, CEH, EC-Council CSA (SOC/Blue Team), or SIEM/log analysis certifications are highly regarded.