Security Engineer - II (Cyber Defense)
Bengaluru/Mumbai
Upstox
Start Trading in Share Market, SIP, IPOs, Mutual Fund, Indices and Commodity at Upstox.com with hassle free process. We provide real time BSE, NSE, MCX, and NCDEX live price and market updates. Trade Now!

Upstox is one of India's leading Fin-Tech companies with a mission to simplify trading & investing to make it easily accessible to the masses. We aim to enable everyone, from new investors to seasoned traders, to invest across multiple categories with our state-of-the-art trade & investment platform and commission-free pricing. We offer numerous asset categories to invest in, like Stocks, Digital Gold, IPOs, Mutual Funds, and more.
Our mission is simple - to break down the complexities of investing and make it more effortless, accessible, affordable, and easy for the masses to adopt. This key principle when infused with intuitive design and leading-edge technology will help us empower every Indian to take control of their investments.
Role: Security Engineer - 2 (Cyber Defense)
The role of a Security Engineer is crucial in the realm of cybersecurity as it covers the incident response aspects. A Security Engineer should possess a total of 5 years of experience in cyber security, out of which 3 years of experience should be in SOC (Security Operations Center) or Incident Response, and a minimum of 2 years of experience as a lead investigator in Incident Response.

As a Security Engineer, the responsibilities will primarily involve collaborating with internal and external stakeholders to respond to incidents and collect digital evidence related to them. The ability to perform triaging, analysis & reporting, and RCA (Root Cause Analysis) of incidents is also an integral part of the job.

In this role, the Security Engineer must possess exceptional communication skills and be able to articulate complex technical information in a clear and concise manner to stakeholders at various levels of the organization. Furthermore, the ability to identify and recommend process improvements, implement mitigation strategies, and provide ongoing support to ensure a proactive approach to incident management is essential.
What you’ll do:
- Investigate, document, and report on information security issues and emerging threats, utilizing threat intelligence and industry best practices.
- Provide Incident Response (IR) support when analysis confirms an actionable incident, including isolating affected systems, collecting and analyzing triage/logs, containing the incident, and providing a remediation strategy.
- Gather information from various threat intel sources and initiate remediation steps to neutralize the risk to the organization.
- Monitor and analyze logs and alerts from a variety of different technologies across multiple platforms to identify and triage security incidents affecting the enterprise.
- Perform threat hunting and in-depth investigations, providing support for incidents escalated from the SOC.
- Define and document playbooks, standard operating procedures, and processes to streamline incident response and ensure consistency across the organization.
- Document the results of cyber threat analysis effectively and prepare comprehensive hand-off and/or escalation for the Incident Response process.
- Utilize security tools and technologies to analyze potential threats to determine impact, scope, and recovery.
- Collaborate with internal and external stakeholders, including key business units, to make recommendations on mitigation and prevention techniques.
- Conduct a detailed analysis of various security-related events like Phishing, Malware, DoS/DDoS, Application-specific Attacks, Ransomware, etc.
- Research and explore the enrichment and correlation of existing data sets to provide deep threat analysis.
- Contribute to and/or drive special projects by providing expertise, guidance, and leadership in the area of information security.
What you’ll need:
- Technical expertise in the organization's applications, systems, networks, and infrastructure, including a deep understanding of highly scalable enterprise network technologies and architectures.
- Strong knowledge of logging mechanisms on Windows, Linux, and macOS platforms, as well as networking protocols.
- Proficiency with several security tools and technologies, such as EDR, Anti-Virus, HIPS, NIDS/NIPS, log analysis, full packet capture, network-based forensics, and encryption.
- Advanced certifications, such as SANS GIAC / GCIA / GCIH, CISSP, or CASP, and experience with incident response-specific training and certification are highly desirable.
- At least 2 years of experience as a lead investigator and 3 years of experience as an analyst in incident response or SOC.
- Expertise in creating and executing incident response playbooks (IRP).
- Excellent understanding of defensive security strategies and tactics.
- Strong scripting skills for automation.
- Effective communication skills to coordinate with various stakeholders across the organization.
If you fit the above description, we would love to connect with you! APPLY NOW
A basic requirement but one that many forget: make sure you go through our website, download our app and give us feedback!

Upstox is an Equal Opportunity Employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or other characteristics.
Tags: Automation CASP+ CISSP Cyber defense DDoS EDR Encryption Forensics GCIA GCIH GIAC Incident response Linux Log analysis MacOS Malware SANS Scripting SOC Strategy Threat intelligence Windows
Perks/benefits: Team events