SOC (Security Operations Center) Detection Engineer - First Advantage (Mumbai/Bangalore)

A SOC (Security Operations Center) Detection Engineer is a critical member of the cybersecurity team, responsible for designing, implementing, and maintaining systems and methodologies for detecting and responding to cyber threats. This professional plays a central role in identifying vulnerabilities, monitoring network activities, and ensuring the organization's digital assets are safeguarded against malicious actors.

Key Responsibilities
Threat Detection and Analysis
• Develop and maintain log collection, analysis, and monitoring systems to identify suspicious activities.
• Analyze network traffic, endpoint data, and system logs to detect anomalies and indicators of compromise (IoCs).
• Identify emerging threats and vulnerabilities by staying updated with the latest intelligence and threat trends.
Incident Response
• Collaborate with SOC analysts to investigate and respond to security incidents.
• Provide technical expertise in triaging and resolving incidents while minimizing impact on operations.
• Design and document incident response procedures for rapid and effective action.
Automation and Tool Development
• Develop scripts and tools to automate repetitive detection tasks and enhance operational efficiency.
• Integrate detection and monitoring tools seamlessly into the company's IT infrastructure.
• Test and fine-tune monitoring tools to optimize accuracy and performance.
Collaboration and Communication
• Work closely with the IT, network, and development teams to ensure security best practices are implemented.
• Communicate findings and recommendations effectively to stakeholders, including non-technical audiences.
• Contribute to the creation of educational materials and workshops to train staff on cybersecurity awareness.

Required Skills and Qualifications

Technical Expertise
• Proficiency in Microsoft tools and platforms, such as Microsoft Sentinel (formerly Azure Sentinel) for SIEM operations, Defender for Endpoint, and Microsoft Cloud App Security.
• Strong understanding of Microsoft networking protocols, Active Directory, Azure environments, and firewall configurations using Microsoft solutions.
• Experience with scripting in PowerShell for automation, debugging, and enhancing Microsoft tool functionality.
Analytical and Problem-Solving Skills
• Ability to analyze complex datasets from Microsoft tools and extract actionable intelligence.
• Strong troubleshooting skills to identify root causes of potential threats within Microsoft environments.
• Proven ability to think critically under pressure and make sound decisions during incidents.

Educational Background
• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• Relevant certifications such as Microsoft Certified: Security Operations Analyst Associate, CompTIA Security+, CEH (Certified Ethical Hacker), CISSP, or GIAC preferred.

Experience
• Minimum of 2-3 years of experience in cybersecurity, SOC operations, or a similar role, preferably with expertise in Microsoft security tools.
• Hands-on experience with threat intelligence platforms and detection methodologies using Microsoft Azure and Defender products.
• Proven track record of minimizing threats and vulnerabilities in previous positions.

Key Attributes
• Attention to Detail: Ensure accuracy in identifying and documenting threats and incidents.
• Adaptability: Respond effectively to the dynamic and evolving landscape of cybersecurity threats.
• Team Collaboration: Work seamlessly with other cybersecurity professionals and business units.
• Continuous Learning: Eager to stay informed about the latest tools, technologies, and threat intelligence.

Work Location: Mumbai/Bangalore (remote)
Joining time needed : 30 days