Security Engineer

Role Description:

The Security Analyst plays an integral role in the Aurigo Security Practice and works directly with the manager of Aurigo Security Practice. This role is primarily responsible for monitoring security alerts, identifying threats, and responding to incidents. He/she will work closely with CloudOps, IT, Engineering and other departments to mitigate risks, improve security measures and ensure compliance with security policies.

Key Responsibilities:

1. Continuously monitor the security alerts and incidents from various platforms such as SIEM, EDR, to identify and respond to security incidents.

2. Analyze and assess threats including malware, network intrusions, phishing and other attack vectors and provide actionable intelligence.

3. Daily assessment of vulnerabilities identified by the infrastructure scan and prioritize vulnerability remediation by working closely with other departments.

4. Create reports and provide analysis on vulnerabilities including the remediation efforts, timelines for completion and track the security exceptions.

5. Report on areas of noncompliance against standards and policies.

6. Conduct periodic security tests on web applications (OWASP Top 10), track and remediate application security vulnerabilities by working closely with concerned departments.

7. Perform continuous monitoring and auditing of systems to ensure compliance with CIS controls, identify the areas of improvement and address the security gaps by working with other departments as necessary.

8. Facilitate quarterly access reviews of user access across cloud, on-prem, and third-party applications, work with relevant teams to revoke or adjust access for users with excessive or inappropriate permissions.

9. Create and update security documentation such as SOPs, Security Policies, Incident response playbooks.

10. Develop and deliver security training to the organization workforce and track the progress of completion.

Qualifications Required:

1. Bachelor’s degree in computer science, IT, Cybersecurity or a related field.

2. Must have a minimum of 3-5 years of relevant experience as SOC Analyst /Engineer.

3. Must possess good knowledge and understanding of cloud platforms such as AWS and Azure.

4. Good Knowledge and understanding of SIEM tools such as Sumo Logic, Splunk, QRadar, Microsoft Sentinel.

5. Good knowledge and hands on experience on Vulnerability Management tools such as Qualys, Burp Suite etc.

6. Experience in analyzing security alerts in CrowdStrike, Defender 365, Microsoft Entra, Sumo Logic along with managing and troubleshooting issues in CrowdStrike, and Microsoft Defender.

7. Good understanding of MITRE ATT&K, NIST and other security frameworks.

8. Excellent communication and collaboration skills are required.

9. Ability to work as a team player and as an individual contributor.

10. Must be willing to learn, adapt, and work in fast paced, dynamic environment