Project Lead

The role of Security Platform Engineer is to design, implement, maintain and improve the security platforms and tools that protect the organization's IT infrastructure. This role focuses on ensuring that security technologies are optimized for detecting, preventing, and responding to security threats in real-time. This also involves collaboration with cross-functional engineering, IT, and security operations to deploy and support enterprise-level Cyber security platforms and solutions.

• Design and implement robust security platforms that support the organization's security needs (e.g., Unified telemetry pipeline like BindPlane, SIEM like QRadar, SecOps and Network security tools like Gigamon, Viavi and Arista).
• Integrate security solutions with existing infrastructure, ensuring seamless and effective deployment across various systems and environments.
• Develop automated workflows and scripts to enhance the functionality and scalability of security platforms.
• Ensure timely patching and upgrades to security tools and systems, minimizing downtime and vulnerabilities.
• Configure alerting systems for security threats, real-time monitoring for observability puposes.
• Collaborate with incident response teams to identify, contain, and mitigate security incidents.
• Assist in root cause analysis to improve security posture and prevent security breaches.
• Develop and maintain automation scripts and workflows to improve security operations and improve operational efficiency.
• Optimize security tools and platforms for performance and effectiveness, ensuring they meet compliance and organizational requirements.
• Maintain comprehensive documentation for platform configurations, troubleshooting guides, and operational procedures.

• Technical Skills:
  • Proficiency with security platforms such as Telemetry pipeline (e.g., BindPlane, Cribl Edge, Splunk or equivalent), network security (Gigamon, Viavi, Arista or equivalent), vulnerability management tools (e.g., Tenable, Qualys or equivalent).
  • Strong scripting skills in Python, PowerShell, or Bash for automation and tool integration.
  • Strong experience in Ansible.
  • Experience in Cloud security tools and platforms (GCP, AWS, Azure).
  • Experience with Container security (e.g., Docker, Kubernetes).
  • Understanding of the SIEM tools (e.g., Splunk, Qradar, SecOps or equivalent)
  • Knowledge of networking protocols, firewalls, and network security best practices.
  • Familiarity with ITSM processes, Agile practices, ServiceNow, JIRA.
• Experience:
  • Bachelor's degree in Computer Science, Information Security, or related field, or equivalent practical experience.
  • Minimum 5-10 years of experience in security engineering, platform engineering.
  • Proven experience in managing security platforms and tools in a large, complex environment.
  • Experience with Network security, analysis, and response, including knowledge of common attack vectors.
• Certifications:
  • GCP Cloud certification (mandatory) or equivalent in AWS or Azure.
  • Cybersecurity certificates (preferred)