Systems Engineer

LIXIL India Pvt Ltd is seeking a Systems Engineer for its Global IT Operations Center in Gurugram, India. This is a full-time, permanent, work-from-office position requiring a 6-day working shift to provide 24x7 global infrastructure support. The role is critical for maintaining system integrity and availability across the IMEA region (India, Middle East, and Africa).

Key Responsibilities:

• Proactively monitor 24x7 security alerts (SIEM) and infrastructure alarms to ensure system integrity and availability.
• Analyze logs and perform initial triage of security incidents and IT faults to distinguish between false positives and critical threats.
• Investigate suspicious indicators (IPs, Hashes, URLs) using threat intelligence sources like VirusTotal to prioritize incidents based on severity.
• Execute L1 security playbooks and IT SOPs/KEDB to resolve routine incidents and service requests within defined SLAs.
• Document investigation findings accurately in ticketing systems and escalate complex security or infrastructure issues to Tier 2/3 teams.
• Assist in maintaining monitoring dashboards and generate regular KPI reports on security alert trends and system health.

What We Are Looking For:

• Minimum 2-5 years of combined experience in SOC operations and Infrastructure support, with specific L2-level expertise.
• Strong command of networking (OSI, TCP/IP, DNS) and cybersecurity principles (CIA Triad, Cyber Kill Chain, MITRE ATT&CK) to effectively analyze attack vectors.
• Hands-on experience with SIEM tools (Splunk, Sentinel, QRadar) and EDR solutions (CrowdStrike, Defender) for log analysis, alert monitoring, and incident triage.
• Proficiency in Windows and Linux command-line navigation with the ability to deeply analyze system logs (Event Viewer, Syslog) for anomalies and suspicious activities.
• Experience working in a 24x7 rotational shift environment with a strong track record of adhering to SLAs and documenting incidents via tools like ServiceNow or Jira.
• Excellent problem-solving skills to troubleshoot complex issues across the stack from network packets to VM performance and security alerts.

Good To Have:

• Valid security credentials (CompTIA Security+, CySA+, BTL1, CEH, CompTIA Network+) are highly preferred.
• Proficiency in scripting languages (Python, PowerShell, PowerCLI, Bash) and automation tools (Ansible, Terraform) to streamline incident response and infrastructure management tasks.
• Exposure to Cloud Security monitoring (AWS, Azure, GCP) and experience utilizing Threat Intelligence platforms and OSINT for deeper analysis.
• Foundation level knowledge with additional virtualization, server, network, and cloud technologies.

Qualifications:

• Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field.