Systems Engineer - SOC | LIXIL | Gurugram, India

LIXIL INDIA PVT LTD in Gurugram is seeking a full-time Systems Engineer specializing in Security Operations Center (SOC) functions. This is a permanent, work-from-office position operating on a 6-day shift basis to provide 24x7 global infrastructure support, with an assignment end date of June 2, 2025.

Key Responsibilities:

• Monitor 24x7 security alerts (SIEM) and infrastructure alarms for system integrity and availability.
• Analyze logs and perform initial triage of security incidents and IT faults, differentiating false positives from critical threats.
• Investigate suspicious indicators (IPs, Hashes, URLs) using threat intelligence (e.g., VirusTotal) to prioritize incidents by severity.
• Execute L1 security playbooks and IT standard operating procedures (SOPs)/Known Error Databases (KEDB) for routine incident resolution and service requests within SLAs.
• Accurately document investigation findings in ticketing systems and escalate complex security or infrastructure issues to Tier 2/3 teams.
• Assist in maintaining monitoring dashboards and generating regular KPI reports on security alert trends and system health.

Candidate Profile:

• Minimum 2-5 years of combined experience in SOC operations and Infrastructure support, with L2-level expertise.
• Strong understanding of networking (OSI, TCP/IP, DNS) and cybersecurity principles (CIA Triad, Cyber Kill Chain, MITRE ATT&CK) for attack vector analysis.
• Hands-on experience with SIEM tools (e.g., Splunk, Sentinel, QRadar) and EDR solutions (e.g., CrowdStrike, Defender) for log analysis, alert monitoring, and incident triage.
• Proficiency in Windows and Linux command-line navigation, with the ability to analyze system logs (Event Viewer, Syslog) for anomalies and suspicious activities.
• Experience in a 24x7 rotational shift environment, with a proven track record of adhering to SLAs and documenting incidents using tools like ServiceNow or Jira.
• Excellent problem-solving skills for troubleshooting complex issues across various layers, from network packets to VM performance and security alerts.

Desirable Skills:

• Preferred security credentials (CompTIA Security+, CySA+, BTL1, CEH, CompTIA Network+).
• Proficiency in scripting languages (e.g., Python, PowerShell, PowerCLI, Bash) and automation tools (e.g., Ansible, Terraform) for streamlining incident response and infrastructure management.
• Exposure to Cloud Security monitoring (AWS, Azure, GCP) and experience with Threat Intelligence platforms and Open-Source Intelligence (OSINT) for in-depth analysis.
• Foundational knowledge in virtualization, servers, networks, and cloud technologies.

Qualifications:

• Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field.