Lead Engineer - IT Security

Trivandrum, Kerala, India

Envestnet

Explore our connected ecosystem of solutions, intelligence, and technologies that connect people’s daily lives with their long-term goals. See how we’re equipping advisors with the tools and resources needed to deliver the most impactful...

View all jobs at Envestnet

Apply now Apply later

Key Responsibilities: 
  • Advanced incident investigation: Conduct deep-dive investigations into complex security alerts and incidents, correlating events across multiple security tools and logs (SIEM, EDR, network logs, cloud logs).
  • Incident response leadership: Lead containment, eradication, and recovery efforts for security incidents, collaborating with IT, engineering, and other teams.
  • Threat hunting: Proactively search for threats within our environment using threat intelligence, hypotheses, and advanced analytical techniques.
  • Root cause analysis: Perform root cause analysis for security incidents and recommend preventative measures to enhance our defenses.
  • Threat Hunting: Exercises and proactive detection activities. Stay updated on emerging threats, vulnerabilities, attack techniques, and security news
  • Vulnerability Management: Conduct regular vulnerability scans and assessments using industry-standard tools and ASPM. Analyze scan results to identify and classify security vulnerabilities, understanding their potential impact and exploitability.
  • Develop playbooks: Contribute to the creation and refinement of incident response playbooks, runbooks, and standard operating procedures, including SOAR.
  • Security tool optimization: Recommend and assist with the configuration, tuning, and optimization of SIEM rules, EDR policies, and other security controls.
  • Threat intelligence integration: Integrate and operationalize threat intelligence (IOCs) and TTPs to improve detection capabilities and inform proactive defense strategies.
  • Reporting: Generate comprehensive incident reports and provide actionable insights to management.

Required Qualifications: 

  • Minimum of 5 years of experience in a Security Operations Center (SOC) or a similar cybersecurity role
  • Strong understanding of security frameworks (MITRE ATT&CK, NIST, ISO 27001, etc.)
  • Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Sentinel, etc.)
  • Familiarity with EDR solutions (e.g., CrowdStrike, Carbon Black, Defender ATP)
  • Solid knowledge of networking concepts, log analysis, and common attack vectors
  • Experience in the incident response lifecycle, malware analysis, and threat hunting
  • Ability to perform effectively in high-pressure situations and manage multiple incidents simultaneously
  • Bachelor’s degree in computer science, Information Security, or a related field (or equivalent experience)

Preferred Skills and Certifications: 

  • Certifications such as GCIA, GCIH, CEH, CISSP, OSCP, or Security+
  • Experience with scripting (Python, PowerShell, Bash) for automation and log parsing
  • Knowledge of cloud security monitoring (AWS, Azure, GCP)
  • Experience with SOAR platforms and the automation of incident response workflows
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  1  0  0

Tags: Automation AWS Azure Bash Carbon Black CEH CISSP Cloud Computer Science CrowdStrike EDR GCIA GCIH GCP Incident response ISO 27001 Log analysis Malware MITRE ATT&CK Monitoring NIST OSCP PowerShell Python QRadar Scripting Sentinel SIEM SOAR SOC Splunk Threat intelligence TTPs Vulnerabilities Vulnerability management Vulnerability scans

Region: Asia/Pacific
Country: India

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.