Lead Engineer - IT Security

Posted 4 years ago • 5+ years experience • Cyber Security

Job Summary

Job Description

As a Lead Engineer in IT Security, you will be responsible for conducting advanced incident investigations, leading incident response efforts, and performing proactive threat hunting. Your duties include deep-dive analysis of security alerts, correlating events across various security tools, and leading containment, eradication, and recovery. You will also perform root cause analysis for incidents, develop preventative measures, and stay updated on emerging threats and vulnerabilities. Additionally, you will conduct vulnerability scans, analyze results, and contribute to the creation of incident response playbooks and optimize security tools. Integrating threat intelligence and generating comprehensive incident reports are also key responsibilities.
Must have:
  • Minimum 5 years experience in SOC or cybersecurity role.
  • Strong understanding of security frameworks (MITRE ATT&CK, NIST, ISO 27001).
  • Hands-on experience with SIEM tools (Splunk, QRadar, Sentinel).
  • Familiarity with EDR solutions (CrowdStrike, Carbon Black, Defender ATP).
  • Solid knowledge of networking, log analysis, and attack vectors.
  • Experience in incident response, malware analysis, and threat hunting.
  • Ability to perform under pressure and manage multiple incidents.
  • Bachelor's degree in Computer Science, Information Security, or equivalent.
Good to have:
  • GCIA, GCIH, CEH, CISSP, OSCP, or Security+ certifications.
  • Experience with scripting (Python, PowerShell, Bash) for automation.
  • Knowledge of cloud security monitoring (AWS, Azure, GCP).
  • Experience with SOAR platforms and incident response automation.

Job Details

Description

Key Responsibilities:
  • Advanced incident investigation: Conduct deep-dive investigations into complex security alerts and incidents, correlating events across multiple security tools and logs (SIEM, EDR, network logs, cloud logs).
  • Incident response leadership: Lead containment, eradication, and recovery efforts for security incidents, collaborating with IT, engineering, and other teams.
  • Threat hunting: Proactively search for threats within our environment using threat intelligence, hypotheses, and advanced analytical techniques.
  • Root cause analysis: Perform root cause analysis for security incidents and recommend preventative measures to enhance our defenses.
  • Proactive detection: Run recurring threat hunting exercises and other proactive detection activities, and stay current on emerging threats, vulnerabilities, attack techniques, and security news.
  • Vulnerability management: Conduct regular vulnerability scans and assessments using industry-standard scanners and ASPM (application security posture management) tooling. Analyze scan results to identify and classify vulnerabilities, assessing their potential impact and exploitability so that remediation is prioritized by risk rather than by raw scanner score.
  • Develop playbooks: Contribute to the creation and refinement of incident response playbooks, runbooks, and standard operating procedures, including SOAR.
  • Security tool optimization: Recommend and assist with the configuration, tuning, and optimization of SIEM rules, EDR policies, and other security controls.
  • Threat intelligence integration: Integrate and operationalize threat intelligence (indicators of compromise and adversary TTPs) into detection content to improve detection coverage and inform proactive defense strategies.
  • Reporting: Generate comprehensive incident reports and provide actionable insights to management.
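The correlation and threat-intelligence responsibilities above (cross-tool event correlation, operationalising IOCs and TTPs) are easiest to see in code. The following is an added worked example written for this page; it is not part of the posting and not the employer's tooling. It normalises three constructed log sources (sshd auth, EDR process starts, web proxy) into one event shape, enriches each event against a constructed IOC list, tags brute-force logins and encoded PowerShell with their standard ATT&CK technique IDs, and stitches per-host events into incidents by time window. Every hostname, user, IP address (RFC 5737 documentation ranges), hash and log line is constructed, and the severity rule is an assumed triage heuristic, not a standard.

```python
"""Cross-source correlation with IOC enrichment over constructed sample logs.

Added illustration, not part of the job posting. Hosts, users, IPs (RFC 5737
documentation ranges), hashes and the IOC feed are all constructed.
"""
import json
import re
from collections import defaultdict
from datetime import datetime, timedelta

TS_FMT = "%Y-%m-%dT%H:%M:%SZ"

# Constructed IOC feed (hypothetical values, not real threat intelligence).
IOC_IPS = {"203.0.113.45"}
IOC_SHA256 = {"deadbeef" * 8}

# Constructed sample logs: one compromised jump host plus unrelated admin activity on a workstation.
AUTH_LOG = """\
2024-03-01T09:58:10Z srv-jump-02 sshd[2211]: Failed password for svc_backup from 198.51.100.7 port 51022 ssh2
2024-03-01T09:58:14Z srv-jump-02 sshd[2211]: Failed password for svc_backup from 198.51.100.7 port 51023 ssh2
2024-03-01T09:58:19Z srv-jump-02 sshd[2211]: Failed password for svc_backup from 198.51.100.7 port 51024 ssh2
2024-03-01T09:58:25Z srv-jump-02 sshd[2211]: Accepted password for svc_backup from 198.51.100.7 port 51025 ssh2
2024-03-01T11:30:00Z srv-jump-02 sshd[2300]: Accepted password for jdoe from 192.0.2.33 port 50001 ssh2
"""
EDR_LOG = r"""
{"ts": "2024-03-01T10:01:03Z", "host": "srv-jump-02", "user": "svc_backup", "image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", "cmdline": "powershell.exe -nop -w hidden -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQA", "sha256": "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"}
{"ts": "2024-03-01T10:01:30Z", "host": "srv-jump-02", "user": "svc_backup", "image": "C:\\Users\\svc_backup\\AppData\\Local\\Temp\\update.exe", "cmdline": "update.exe /silent", "sha256": "deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef"}
{"ts": "2024-03-01T14:20:00Z", "host": "ws-101", "user": "admin_k", "image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe", "cmdline": "powershell.exe -w hidden -EncodedCommand RwBlAHQALQBTAGUAcgB2AGkAYwBlAA==", "sha256": "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"}
"""
PROXY_LOG = """\
2024-03-01T10:01:09Z srv-jump-02 svc_backup CONNECT 203.0.113.45:443 200 1822
2024-03-01T10:02:00Z srv-jump-02 jdoe CONNECT 192.0.2.10:443 200 5120
"""

AUTH_RE = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: (?P<result>Accepted|Failed) "
                     r"password for (?P<user>\S+) from (?P<src>\S+) port \d+")
PROXY_RE = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) (?P<user>\S+) (?P<method>\S+) "
                      r"(?P<dst>[\d.]+):(?P<port>\d+) (?P<status>\d+)")
ENCODED_PS_RE = re.compile(r"(?i)powershell(?:\.exe)?\b.*\s-(?:e|ec|enc|encodedcommand)\s+[A-Za-z0-9+/=]{16,}")

def finding(ts, host, user, source, summary, techniques=(), ioc_hits=()):
    """Common event shape shared by every source so correlation is source-agnostic."""
    return {"ts": datetime.strptime(ts, TS_FMT), "host": host, "user": user, "source": source,
            "summary": summary, "techniques": set(techniques), "ioc_hits": list(ioc_hits)}

def auth_findings(text, threshold=3, window=timedelta(minutes=5)):
    """Brute force (T1110): >= threshold failures followed by a success for the same user and source."""
    failures, out = defaultdict(list), []
    for line in text.splitlines():
        m = AUTH_RE.match(line)
        if not m:
            continue
        key, ts = (m["host"], m["user"], m["src"]), datetime.strptime(m["ts"], TS_FMT)
        if m["result"] == "Failed":
            failures[key].append(ts)
            continue
        recent = [t for t in failures.pop(key, []) if ts - t <= window]
        if len(recent) >= threshold:
            out.append(finding(m["ts"], m["host"], m["user"], "auth",
                               f"{len(recent)} failed logins then success from {m['src']}", {"T1110"}))
    return out

def edr_findings(text):
    """Encoded PowerShell (T1059.001 + T1027) and process hashes that match the IOC feed."""
    out = []
    for line in filter(None, text.splitlines()):
        ev = json.loads(line)
        techniques = {"T1059.001", "T1027"} if ENCODED_PS_RE.search(ev["cmdline"]) else set()
        hits = [f"sha256:{ev['sha256']}"] if ev["sha256"] in IOC_SHA256 else []
        exe = ev["image"].rsplit("\\", 1)[-1]
        if techniques or hits:
            out.append(finding(ev["ts"], ev["host"], ev["user"], "edr",
                               f"{exe}: {ev['cmdline'][:48]}", techniques, hits))
    return out

def proxy_findings(text):
    """Outbound connections whose destination is on the IOC list (C2 candidate)."""
    out = []
    for line in text.splitlines():
        m = PROXY_RE.match(line)
        if m and m["dst"] in IOC_IPS:
            out.append(finding(m["ts"], m["host"], m["user"], "proxy",
                               f"outbound {m['method']} to IOC {m['dst']}:{m['port']}", ioc_hits=[f"ip:{m['dst']}"]))
    return out

def _incident(host, chain):
    sources = sorted({f["source"] for f in chain})
    iocs = [h for f in chain for h in f["ioc_hits"]]
    # Assumed triage rule: a multi-source chain that touches an IOC outranks single-source noise.
    severity = "high" if len(sources) > 1 and iocs else "medium" if len(sources) > 1 else "low"
    return {"host": host, "severity": severity, "sources": sources,
            "users": sorted({f["user"] for f in chain}),
            "techniques": sorted(set().union(*(f["techniques"] for f in chain))),
            "ioc_hits": iocs, "start": chain[0]["ts"], "end": chain[-1]["ts"],
            "timeline": [f"{f['ts']:%H:%M:%S} [{f['source']}] {f['summary']}" for f in chain]}

def correlate(findings, window=timedelta(minutes=10)):
    """Stitch findings on the same host into one incident while each is within `window` of the previous."""
    by_host = defaultdict(list)
    for f in sorted(findings, key=lambda f: f["ts"]):
        by_host[f["host"]].append(f)
    incidents = []
    for host, events in by_host.items():
        chain = [events[0]]
        for ev in events[1:]:
            if ev["ts"] - chain[-1]["ts"] > window:
                incidents.append(_incident(host, chain))
                chain = []
            chain.append(ev)
        incidents.append(_incident(host, chain))
    return incidents

def run():
    """Correlate all three constructed sources; returns a list of incident dicts."""
    return correlate(auth_findings(AUTH_LOG) + edr_findings(EDR_LOG) + proxy_findings(PROXY_LOG))

if __name__ == "__main__":
    for inc in run():
        print(json.dumps(inc, indent=2, default=str))
```

Running it yields one high-severity incident for srv-jump-02 (brute-forced login, encoded PowerShell, a proxy connection to an IOC address and a dropped binary with an IOC hash, all within ten minutes) and one low-severity incident for ws-101, where encoded PowerShell appears with no corroborating source. The ten-minute window and the three-failure threshold are the kind of tuning knobs the SIEM-rule-optimisation bullet refers to: too wide a window merges unrelated activity into one incident, too narrow splits a slow attacker across several.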

Required Qualifications: 

  • Minimum of 5 years of experience in a Security Operations Center (SOC) or a similar cybersecurity role
  • Strong understanding of security frameworks (MITRE ATT&CK, NIST, ISO 27001, etc.)
  • Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Sentinel, etc.)
  • Familiarity with EDR solutions (e.g., CrowdStrike, Carbon Black, Defender ATP)
  • Solid knowledge of networking concepts, log analysis, and common attack vectors
  • Experience in the incident response lifecycle, malware analysis, and threat hunting
  • Ability to perform effectively in high-pressure situations and manage multiple incidents simultaneously
  • Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience)

Preferred Skills and Certifications: 

  • Certifications such as GCIA, GCIH, CEH, CISSP, OSCP, or Security+
  • Experience with scripting (Python, PowerShell, Bash) for automation and log parsing
  • Knowledge of cloud security monitoring (AWS, Azure, GCP)
  • Experience with SOAR platforms and the automation of incident response workflows
About The Company

Yodlee