Associate Lead Engineer - Security Operations Center
Trivandrum, Kerala, India
Envestnet
Explore our connected ecosystem of solutions, intelligence, and technologies that connect people’s daily lives with their long-term goals. See how we’re equipping advisors with the tools and resources needed to deliver the most impactful...Primary Responsibilities
- Responsible for Security Monitoring and Incident Response – Support the investigation and contribution to large- and small-scale computer security breaches, Monitor the alert and incident management operations for quality, Assist the team with alert and incident management as and when required.
- Responsible for developing and managing SOAR solutions to automate incident response, integrate security tools, create playbooks, and enhance overall security operations efficiency and effectiveness
- Responsible for Cyber Threat Hunting – Cyber threat hunting execution for the entire Envestnet group, Tactical threat intel Coordination, Describe and identify suspicious binary traits, Identify potential malicious activity from memory dumps, logs, and packet captures, Monthly threat hunting statistics preparation.
- Assistance in Digital Forensics – Assist the operational management with increasing the digital forensics coverage. Additionally, assist the team with case-specific digital forensics efforts.
- Purple teaming – Assisting the team with designing and executing purple teaming exercises.
- Responsible for Compiling of Security Metrics - Compile security metrics and efficiency metrics for management review. Work towards automation of the management reports.
- Responsible for Audit Response – Respond and coordinate external and internal audits.
- Assist operations management in providing requirements for new and existing security systems, tools, and applications
- Assist in writing best practice procedures for the following services: Incident analysis, Incident response coordination, Cloud Security, Cyber Threat Hunting, Digital Forensics, Security audits or assessments, certificate authority, log research & diagnostics and host vulnerability scanning.
Work Experience
- 5 - 8 years working in Security operations environments handling incident response, threat intelligence & threat hunting operations
- Process-oriented and capable of handling incidents independently.
- Experience in analyzing alerts, vulnerabilities, and other security issues, taking actions based on set procedures.
- Proven ability to analyze multiple events and draw conclusions
- Hands-on exposure to digital forensics.
Skills
- Excellent communication skills, both verbal and written
- Good experience and knowledge of Operating Systems, Networks and Security technologies
- Knowledge of EDR, SIEM, IDS, Cloud, and other security analysis tools.
- Experience working in a heterogeneous environment
- Should be able to co-relate multiple events and arrive at a decision.
- Should be process-oriented.
- Should be a team player and has good interpersonal skills.
- Working on Linux is a plus.
- Scripting knowledge is a plus.
- Experience in handling security projects is a plus
Education/Degree(s)
BS degree/Engineering in IT or related field / Masters in Computer Applications
Certification/TrainingDigital Forensics and/or Threat hunting certifications are preferred.AWS Security Certification is a plus.* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Automation AWS Cloud EDR Forensics IDS Incident response Linux Monitoring Scripting Security analysis SIEM SOAR SOC Threat intelligence Vulnerabilities
Perks/benefits: Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Cloud Security Architect jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Manager Pentest H/F jobs
- Open Security Operations Analyst jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Network Security Engineer jobs
- Open Information Security Architect jobs
- Open C-related jobs
- Open CISM-related jobs
- Open Risk assessment-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Analytics-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DoD-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open DevOps-related jobs
- Open APIs-related jobs
- Open Splunk-related jobs
- Open IDS-related jobs
- Open IPS-related jobs
- Open Kubernetes-related jobs