SOC (Security Operations Center) - First Advantage (Mumbai/Bangalore)
Bangalore, Karnataka, India
Full Time
Mid Level
A SOC (Security Operations Center) Detection Engineer is a critical member of the cybersecurity team, responsible for designing, implementing, and maintaining systems and methodologies for detecting and responding to cyber threats. This professional plays a central role in identifying vulnerabilities, monitoring network activities, and ensuring the organization's digital assets are safeguarded against malicious actors.
Key Responsibilities
Threat Detection and Analysis
• Develop and maintain log collection, analysis, and monitoring systems to identify suspicious activities.
• Analyze network traffic, endpoint data, and system logs to detect anomalies and indicators of compromise (IoCs).
• Identify emerging threats and vulnerabilities by staying updated with the latest intelligence and threat trends.
Incident Response
• Collaborate with SOC analysts to investigate and respond to security incidents.
• Provide technical expertise in triaging and resolving incidents while minimizing impact on operations.
• Design and document incident response procedures for rapid and effective action.
Automation and Tool Development
• Develop scripts and tools to automate repetitive detection tasks and enhance operational efficiency.
• Integrate detection and monitoring tools seamlessly into the company's IT infrastructure.
• Test and fine-tune monitoring tools to optimize accuracy and performance.
Collaboration and Communication
• Work closely with the IT, network, and development teams to ensure security best practices are implemented.
• Communicate findings and recommendations effectively to stakeholders, including non-technical audiences.
• Contribute to the creation of educational materials and workshops to train staff on cybersecurity awareness.
Required Skills and Qualifications
Technical Expertise
• Proficiency in Microsoft tools and platforms, such as Microsoft Sentinel (formerly Azure Sentinel) for SIEM operations, Defender for Endpoint, and Microsoft Cloud App Security.
• Strong understanding of Microsoft networking protocols, Active Directory, Azure environments, and firewall configurations using Microsoft solutions.
• Experience with scripting in PowerShell for automation, debugging, and enhancing Microsoft tool functionality.
Analytical and Problem-Solving Skills
• Ability to analyze complex datasets from Microsoft tools and extract actionable intelligence.
• Strong troubleshooting skills to identify root causes of potential threats within Microsoft environments.
• Proven ability to think critically under pressure and make sound decisions during incidents.
Educational Background
• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• Relevant certifications such as Microsoft Certified: Security Operations Analyst Associate, CompTIA Security+, CEH (Certified Ethical Hacker), CISSP, or GIAC preferred.
Experience
• Minimum of 2-3 years of experience in cybersecurity, SOC operations, or a similar role, preferably with expertise in Microsoft security tools.
• Hands-on experience with threat intelligence platforms and detection methodologies using Microsoft Azure and Defender products.
• Proven track record of minimizing threats and vulnerabilities in previous positions.
Key Attributes
• Attention to Detail: Ensure accuracy in identifying and documenting threats and incidents.
• Adaptability: Respond effectively to the dynamic and evolving landscape of cybersecurity threats.
• Team Collaboration: Work seamlessly with other cybersecurity professionals and business units.
• Continuous Learning: Eager to stay informed about the latest tools, technologies, and threat intelligence.
Work Location: Mumbai/Bangalore (remote)
Joining time needed : 30 days
Key Responsibilities
Threat Detection and Analysis
• Develop and maintain log collection, analysis, and monitoring systems to identify suspicious activities.
• Analyze network traffic, endpoint data, and system logs to detect anomalies and indicators of compromise (IoCs).
• Identify emerging threats and vulnerabilities by staying updated with the latest intelligence and threat trends.
Incident Response
• Collaborate with SOC analysts to investigate and respond to security incidents.
• Provide technical expertise in triaging and resolving incidents while minimizing impact on operations.
• Design and document incident response procedures for rapid and effective action.
Automation and Tool Development
• Develop scripts and tools to automate repetitive detection tasks and enhance operational efficiency.
• Integrate detection and monitoring tools seamlessly into the company's IT infrastructure.
• Test and fine-tune monitoring tools to optimize accuracy and performance.
Collaboration and Communication
• Work closely with the IT, network, and development teams to ensure security best practices are implemented.
• Communicate findings and recommendations effectively to stakeholders, including non-technical audiences.
• Contribute to the creation of educational materials and workshops to train staff on cybersecurity awareness.
Required Skills and Qualifications
Technical Expertise
• Proficiency in Microsoft tools and platforms, such as Microsoft Sentinel (formerly Azure Sentinel) for SIEM operations, Defender for Endpoint, and Microsoft Cloud App Security.
• Strong understanding of Microsoft networking protocols, Active Directory, Azure environments, and firewall configurations using Microsoft solutions.
• Experience with scripting in PowerShell for automation, debugging, and enhancing Microsoft tool functionality.
Analytical and Problem-Solving Skills
• Ability to analyze complex datasets from Microsoft tools and extract actionable intelligence.
• Strong troubleshooting skills to identify root causes of potential threats within Microsoft environments.
• Proven ability to think critically under pressure and make sound decisions during incidents.
Educational Background
• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• Relevant certifications such as Microsoft Certified: Security Operations Analyst Associate, CompTIA Security+, CEH (Certified Ethical Hacker), CISSP, or GIAC preferred.
Experience
• Minimum of 2-3 years of experience in cybersecurity, SOC operations, or a similar role, preferably with expertise in Microsoft security tools.
• Hands-on experience with threat intelligence platforms and detection methodologies using Microsoft Azure and Defender products.
• Proven track record of minimizing threats and vulnerabilities in previous positions.
Key Attributes
• Attention to Detail: Ensure accuracy in identifying and documenting threats and incidents.
• Adaptability: Respond effectively to the dynamic and evolving landscape of cybersecurity threats.
• Team Collaboration: Work seamlessly with other cybersecurity professionals and business units.
• Continuous Learning: Eager to stay informed about the latest tools, technologies, and threat intelligence.
Work Location: Mumbai/Bangalore (remote)
Joining time needed : 30 days
United States Equal Opportunity Employment:
First Advantage is proud to be a global leader in removing barriers and supporting our community members to ensure the changing demographics of the workforce are reflected in our hiring and employment practices. We value all of our candidates, employees, and clients, and place great emphasis on hiring and supporting qualified individuals in each role. We are an equal opportunity employer. We do not discriminate on the basis of race, color, ethnicity, ancestry, religion, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, veteran status, genetic information, or any other area protected by applicable law.
Apply for this position
Required*