Senior Security Engineer

Role & responsibilities

We are seeking a highly skilled Security Engineer with expertise in managing and maintaining various cybersecurity technologies including Security Information and Event Management (SIEM), Data Loss Prevention (DLP), Endpoint Detection and Response (EDR), Deception Technology, and Web Application Firewall (WAF). The ideal candidate will be responsible for designing, implementing, and managing these critical components of our cybersecurity infrastructure to ensure the confidentiality, integrity, and availability of our systems and data.

Key Responsibilities:

• SIEM Management:
• Configure, maintain, and optimize SIEM platforms to collect, correlate, and analyze security event data from various sources.
• Develop and implement use cases, correlation rules, and alerts to identify and respond to security incidents effectively.
• Conduct regular reviews of SIEM configurations and rulesets to ensure alignment with security best practices and organizational policies.
• DLP Implementation and Maintenance:
• Design, deploy, and manage Data Loss Prevention solutions to monitor and prevent unauthorized data exfiltration, leakage, or misuse.
• Collaborate with stakeholders to define and enforce data security policies and rules within the DLP solution.
• Monitor DLP alerts and incidents, investigate violations, and take appropriate remedial actions.
• EDR Deployment and Oversight:
• Deploy and manage Endpoint Detection and Response solutions to detect and respond to advanced threats and malicious activities targeting endpoints.
• Configure EDR agents, policies, and response actions to mitigate security risks and protect endpoints across the organization.
• Conduct threat hunting and analysis leveraging EDR capabilities to proactively identify potential security threats and vulnerabilities.
• Deception Technology Integration:
• Evaluate, implement, and maintain Deception Technology solutions to deceive, detect, and disrupt attackers within the network.
• Design and deploy decoys, traps, and lures to detect lateral movement and reconnaissance activities of adversaries.
• Monitor Deception Technology alerts and incidents, analyze attacker behavior, and refine deception strategies accordingly.
• WAF Administration and Configuration:
• Administer and configure Web Application Firewall solutions to protect web applications from common security threats, such as SQL injection, cross-site scripting (XSS), and DDoS attacks.
• Collaborate with application development teams to implement WAF rulesets and policies tailored to specific application requirements and security standards.
• Monitor WAF logs and alerts, analyze traffic patterns, and fine-tune WAF configurations to optimize security and performance.
• Hands-on experience with leading SIEM platforms (e.g., Splunk, QRadar, LogRhythm), DLP solutions (e.g., Symantec DLP, McAfee DLP), EDR products (e.g., CrowdStrike, Sentinel one), Deception Technology tools (e.g., Attivo Networks, TrapX Security), and WAF solutions (e.g., F5 WAF, Imperva WAF).
• Strong understanding of cybersecurity principles, threat landscape, and attack vectors.

Key Responsibilities

• Excellent analytical, problem-solving, and communication skills.
• Review and analyse reports & results of the audit, gap analysis and security testing conducted and assist stakeholders with identify practical solutions for any gaps, issue and vulnerability identified.
• Collaborate with IT, Business areas and the internal Information Security teams to deliver within deadlines.
• Prepare Status Plans and dashboards for key initiatives, plans as per management requirements.
• Create and maintain technical documentation for security systems, processes, and controls.
• Actively promoting information security and good security practices throughout the organisation, further enhancing the security awareness.
• Maintain the companys compliance standards and ensure timely completion of all mandatory on-line training modules and attestations.
• Ensure that management reporting for the IT Security Committee and RMCB are accurate, well presented (contextual and informative) to ensure that updates, issues, and risks are transparent to enable the committees can make well-informed decisions where necessary.

Preferred candidate profile

• Minimum Qualification: B.Tech/ B.E/ MCA/BCA
• 5+ Experience in cybersecurity roles with a focus on managing SIEM, DLP, EDR, Deception Technology, and WAF technologies.
• Relevant Experience: 5-7 Years
• Certification: ISO 27001 LA/ LI, Security +, SSCP, CEH, GCIH, or equivalent are desirable

Competencies

• Should have knowledge of information security, related business processes, control objectives, Risk management, and possess analytical skills of risk assessment regarding threats and vulnerabilities to organizations information assets.
• Strong understanding of security risk management frameworks such as ISO 27001/27002/ NIST SP 800-53.
• Solid organizational skills, including multitasking and time-management.
• Excellent communication, organization time management and problem-solving skills.
• Team management skills and proactive mindset.
• Ability to function as a Team Player and maintain a good working relationship, yet think and act independently with professionalism, discretion, and confidentiality.
• Project management experience will be added advantage.