Significant experience in SOC, CERT, or CSIRT environments, with expertise in SIEM administration, threat hunting, detection engineering, and incident response.
Strong expertise in configuring, optimizing, and maintaining Microsoft security products, including Sentinel, Defender for Cloud, Endpoint, Identity, Office 365, Exchange, and Azure Active Directory.
Role and Responsibilities:
Incident Response and Collaboration:
1. Collaborate with SOC, CERT, or CSIRT teams for effective incident monitoring and response.
2. Investigate and respond to cybersecurity incidents, including forensic analysis of attack patterns.
SIEM Administration:
3. Provide ongoing support for SIEM architecture, ensuring efficient log ingestion, parsing, and normalization to enhance threat visibility and detection capabilities.
4. Design and customize automated playbooks and interactive dashboards in SIEM to meet specific security monitoring and incident response requirements.
Threat Intelligence Analysis:
5. Gather, process, and analyze threat intelligence feeds to identify emerging threats.
6. Proactively communicate relevant threat scenarios and provide actionable insights.
Threat Detection Development:
7. Develop and fine-tune advanced KQL queries and analytics rules in Microsoft Sentinel to detect sophisticated attack vectors.
8. Build and test hypothetical threat scenarios to enhance threat detection capabilities.
9. Optimize detection systems to minimize false positives and maximize precision.
Incident Response and Collaboration:
10. Collaborate with SOC, CERT, or CSIRT teams for effective incident monitoring and response.
11. Investigate and respond to cybersecurity incidents, including forensic analysis of attack patterns.
Security Tool Management:
12. Configure, monitor, and maintain security tools such as SIEM (Microsoft Sentinel), Defender for Cloud, antivirus solutions, and consolidated security dashboards.
Continuous Improvement:
13. Participate in developing and implementing security concepts, hardening guidelines, and monitoring systems.
14. Perform penetration tests, vulnerability assessments, and audits to ensure robust security measures.
15. Contribute to the creation and refinement of SOC policies, processes, and procedures.
Desirable Experience:
Proficiency in log source onboarding in SIEM, log management, developing consolidated security dashboards, and developing playbooks to support continuous monitoring.
Proficiency in creating and simulating hypothetical threat scenarios to anticipate and combat potential attack vectors.
In-depth understanding and practical application of the MITRE ATT&CK framework for mapping detection rules and identifying attacker tactics, techniques, and procedures (TTPs).
Practical knowledge of security technologies, including firewalls, IDS/IPS, SIEM, endpoint detection, anti-malware, and vulnerability assessment tools.
Solid understanding of networks, cloud infrastructures, operating systems (Windows, Linux), and evolving cyberattack methods.
Experience in correlating threat intelligence feeds with detection engineering to identify and mitigate advanced threats.
Proven ability to analyze large volumes of security logs and data to craft precise, high-fidelity detection rules while reducing false positives.
Excellent communication and collaboration skills to effectively share findings and work with cross-functional teams.
Passionate about proactive cybersecurity measures, with a strong desire to stay updated on emerging threats and technologies.
A high level of collaboration skills with other cross-functional global teams.
Confidence in expressing your ideas and input to the team.
Open to learning and working on different/new technologies.
Agile in nature.
Self-motivated and proactive.
Microsoft Certified: Security Operations Analyst Associate - SC 200
CEH
Job Type: Permanent
Application Question(s):
How many years of experience do you have in IT Security?
What is your current ctc in lpa?
What is your expected ctc in lpa?
What is your notice period (LWD)?
Are you okay with Sangamwadi, Pune location?
Work Location: In person
MNCJobsIndia.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.