Security Engineer

The Security Engineer strengthens Sumo Logic’s detection capabilities, hardens cloud/IT environments, and builds defensive controls that scale. This role blends engineering with threat-driven design, ensuring the ability to detect, prevent, and respond to attacker behavior across cloud, endpoint, identity, and SaaS surfaces. The Security Engineer builds meaningful alerts, improves data quality, reduces noise, and creates protections that advance the maturity of the entire security program.

Must Have

• Create, tune, and maintain detections for attacker behavior
• Develop dashboards, correlations, and baseline checks for visibility
• Harden AWS environments with secure configurations and controls
• Review new architectures and deployments for security gaps
• Ensure clean ingestion of logs from various sources
• Identify missing data sources, parsing issues, or pipeline gaps
• Integrate new tools into the detection ecosystem
• Support escalations by analyzing signals and tracing attacker behavior
• Build automation to accelerate incident response
• Work with Engineering and IT for secure patterns and logging
• Support GRC during audits by validating controls
• 3-5 years in Security Engineering, Detection Engineering, or Cloud Security
• Strong understanding of AWS security, IAM, network fundamentals, cloud guardrails
• Hands-on experience with SIEM platforms and building detections
• Solid understanding of attacker behavior and defensive security patterns

Good to Have

• Experience in SaaS, cloud-native, or high-growth tech environments
• Familiarity with containers, Kubernetes, AI security, or automation pipelines
• Certifications such as AWS Security or similar

Title: Security Engineer

Location: Noida (Hybrid)

Role Overview: The Security Engineer strengthens Sumo Logic’s detection capabilities, hardens cloud/IT environments, and builds defensive controls that scale. This role blends engineering with threat-driven design, ensuring we can detect, prevent, and respond to attacker behavior across cloud, endpoint, identity, and SaaS surfaces. The Security Engineer builds meaningful alerts, improves data quality, reduces noise, and creates protections that advance the maturity of the entire security program.

Key Responsibilities

Detection Engineering and Alert Development

• Create, tune, and maintain detections that identify attacker behavior with minimal false positives
• Develop dashboards, correlations, and baseline checks that improve visibility across cloud and endpoint activity.
• Work with SecOps to validate alerts, improve logic, and strengthen incident response workflows.

Cloud and Infrastructure Security

• Harden AWS environments through secure configurations, IAM guardrails, network boundaries, and automated controls.
• Review new architectures and deployments for security gaps.
• Support automation of security checks using cloud native services, serverless functions, or policy engines.

Security Tooling and Log Pipeline Ownership

• Ensure logs from identity, cloud workloads, endpoints, SaaS tools, and infrastructure are ingested cleanly.
• Identify missing data sources, parsing issues, or pipeline gaps.
• Integrate new tools into the detection ecosystem and maintain healthy coverage.

Threat Analysis and Incident Support

• Support escalations by analyzing signals, tracing attacker behavior, and advising on root cause.
• Build automation that accelerates response.
• Contribute to tabletop exercises, threat modeling, and continuous improvement.

Cross Functional Partnership

• Work with Engineering and IT to drive secure patterns, strong IAM decisions, and high-quality logging.
• Support GRC during audits by validating controls and demonstrating security architecture.

Required Experience and Skills:

• Three to five years in Security Engineering, Detection Engineering, or Cloud Security roles.
• Strong technical understanding of AWS security, IAM, network fundamentals, and cloud guardrails.
• Hands-on experience working with SIEM platforms and building detections.
• Solid understanding of attacker behavior and defensive security patterns.

Preferred Experience:

• Experience in SaaS, cloud-native, or high-growth tech environments.
• Hands-on familiarity with containers, Kubernetes, AI security, or automation pipelines.
• Certifications such as AWS Security or similar.

What Success Looks Like:

• Security alerts become higher signal and lower noise.
• Cloud risks are reduced through intentional guardrails and automation.
• Tooling and log coverage are reliable, consistent, and complete.
• SecOps moves faster and more effectively with strong detections and context.
• The company gains measurable improvements in visibility, resilience, and readiness.