Sakon - Security Engineer - Endpoint Detection & Response (2-4 yrs)

Position Name : Engineer-Security.

Qualification : Any engineer graduate/ any graduate with technical degrees.

Experience : Minimum 2 to 4 years in Security Operations.

Role :

The Security Operations (SOC) Engineer is responsible for monitoring the environment, identifying, reporting, and responding to security threats that put the organization at risk.

The primary function of this position is to monitor the security tools and perform alert management and initial incident qualification.

Job Description :

- Acknowledge, analyze, and validate incidents triggered from multiple security tools like IDS/IPS, Web Application Firewall, Firewalls, Endpoint Detection & Response tools, and events through SIEM solution.

- Acknowledge, analyze, and validate incidents received through other reporting mechanisms such as email, phone calls, management directions, etc.

- Collection of necessary logs that could help in the incident containment and security investigation.

- Escalate validated and confirmed incidents to Security administrators.

- Undertake first stages of false positive and false negative analysis.

- Understand the structure and the meaning of logs from different log sources such as FW, IDS/IPS, WAF, Windows DC, Cloudflare, AV and antimalware software, O365 email security etc.

- Open incidents in ticketing platform to report the alarms triggered or threats detected.

- Track and update incidents and requests based on updates and analysis results Report infrastructure issues to the IMS Team.

- Working with vendors to work on security issues.

- Perform other duties as assigned.

Skills :

- Strong security knowledge.

- Should have expertise on TCP/IP network traffic and event log analysis.

- Experience with Linux, Windows and Network Operating Systems required.

- Knowledge and hands-on experience in management of IDS/IPS, Firewall, VPN, and other security products.

- Experience in Security Information Event Management (SIEM) tools, creation of basic co-relation rules, and administration of SIEM.

- Knowledge and hands-on experience in Log management & Endpoint detection and response tools.

- Knowledge of ITIL disciplines such as Incident, Problem and Change Management.

- Strong interpersonal skills including excellent written/verbal communication skills.

Benefits and Perks :

- Flexible Holiday Policy (choose your own holidays).

- Life & Medical Insurance.

- Focus on Skill Development, Re-imbursement for Certifications.

- Wifi-Mobile bill reimbursement.

- Employee well-being activities.