Role Summary:
The Cyber Security Engineer will provide security incident response and readiness as part of a 24x7 Security Operations Centre within and in support of the IT Infrastructure and Operations team. Support global vulnerability management processes including OS and infrastructure patching, hardening and testing efforts. Operate security related tools (HIDS, NIDS, IPS, Analysers, Scanners, etc.) to identify active threats, attacks, vulnerabilities, exposures, etc., and prioritize for activity within the team. Assist in speedy identification of mitigation/remediation solutions.
Duties and Responsibilities:
1. Security Operations & Incident Response
Monitor and respond to security incidents within a 24x7 Security Operations Center (SOC).
Investigate, analyze, and mitigate security threats using SIEM, EDR, IDS/IPS, and SOAR solutions.
Develop and maintain incident response playbooks and security procedures.
Perform forensic analysis and root cause investigation for security breaches.
2. Vulnerability & Risk Management
Conduct regular Vulnerability Assessments (VAPT) and security audits.
Prioritize and implement security patches for OS, networks, and applications.
Support hardening efforts for IT systems and infrastructure.
3. Security Tools & Compliance
Manage and maintain security tools such as WAF, SIEM, DLP, IAM, and endpoint protection.
Ensure compliance with security frameworks like ISO 27001, PCI-DSS, and NIST.
Assist in security awareness training and best practices.
Support internal & external audits by providing necessary security documentation.
4. Threat Intelligence & Continuous Improvement
Identify emerging threats and attack vectors impacting enterprise security.
Recommend and implement mitigation strategies to enhance cybersecurity posture.
Collaborate with global security teams to align on security best practices.
Managing and troubleshooting Firewalls and IPS devices.
Qualification & Experience:
Bachelor’s degree in Computer Science, Information Security, or related field.
10+ years of experience in cybersecurity, SOC operations, or IT Security.
Strong knowledge of cloud security (AWS, Azure, GCP) and on-prem security.
Experience with firewalls, IDS/IPS, SIEM, EDR, and encryption technologies.
Hands-on experience in penetration testing and vulnerability management.
Familiarity with security frameworks and compliance standards (ISO 27001, NIST, PCI-DSS, etc.).
Certifications such as CISSP, CISM, CEH, OSCP, or Security+ are a plus.
Analytical mindset with strong problem-solving skills.
Ability to work under high-pressure situations and respond to incidents in real time.
Excellent communication skills to report security risks and incidents effectively.
Proactive approach to identifying and mitigating security threats.
