Security Engineer, Information Security

Position Summary:

Security operations team is responsible for ensure that the Confidentiality, Integrity, and availability of the organization is always protected. The person working in L2 SOC team operates the security monitoring solutions, reacting timely to security events as identified. In this role, individual is expected to manage and configure security tools, manage security incidents, implementing proactive security measures, identifying, and analyzing potential security threats and vulnerabilities. This role requires working in shift

Job Functions and Responsibilities:

• Manual and automated secure code review primarily in Java, Python and Javascript
• Provide guidance and support to development teams on secure coding practices and security related issues.
• Experience with security tools such as Burp Suite, Fortify , Nuclei
• Familiarity with industry standards and frameworks such as OWASP and NIST
• Monitor security alerts and events from various sources to identify potential threats and security incidents.
• Analyze security data and logs to detect unauthorized access, malware infections, and other suspicious activities.
• Lead or assist in responding to security incidents, coordinating efforts to contain and mitigate the impact.
• Implement, configure, and manage end point and network security solutions. 
• Analysis of phishing emails reported by internal end users.
• Escalation of incidents to be handled to L3/ Leads, when relevant.
• Follow up on remediation activities
• Triage on general information security tickets.
• Stay current with emerging security threats, vulnerabilities, and attack techniques. Utilize threat intelligence sources to proactively identify potential risks.

Qualifications:

• 3-5 years of progressive experience in following areas: Alert Monitoring, Incident Triage, Configuration and Management of Endpoint and Network Security tools, Vulnerability Management and Application Security 
• Bachelor’s degree from an accredited college / university with basic knowledge of Information Security. 
• Familiarity with security technologies, including firewalls, EDR, antivirus, SIEM, Application Security and Vulnerability Management.
• Knowledge of security tools like Rapid 7 SIEM, McAfee AV/DLP, CrowdStrike EDR, Palo Alto Firewall, Qualys, Burpsuite, Fortify will have added advantage.
• Keen to learn the security technologies and how security operates.
• Reliability and overall good communication skills.
• Well-developed logical thinking capabilities, to be able to investigate cases.
• Able to work in shift and weekend.

WORK SCHEDULE OR TRAVEL REQUIREMENTS 

2 PM to 11 PM / 9 PM to 6 AM IST. No travel.