Requisition Number: 91874
The Security Operations Center (SOC) Engineer is a remote, hands-on technical member of the Managed Security Services Engineering Team. The Engineering Team is responsible for maintaining and enhancing the Security Information and Event Management (SIEM) platforms used to deliver cybersecurity detection and response services to our clients. The SOC Engineer collaborates with the SOC Analysts, participates in the onboarding of new clients, contributes to threat detection engineering, and develops playbook automations for incident analysis and response.
The SOC Engineer is responsible for collaborating with the SOC Operations Team to continuously gather input and intelligence to identify and incorporate enhancements to improve threat detection capabilities and automations to improve operational efficiency within the SOC. The SOC Engineer will collaborate with project managers and participate in client onboarding tasks which include integrating data sources and the deployment of related analytics for threat detection. The SOC Engineer will communicate with clients and share responsibility for executing service requests related to modifications and enhancements to a client workspace within the detection and response platforms used by the SOC Operations Team.
The list below is representative of the knowledge, skill, and desired abilities to fulfill the role.
- Proficient in the configuration and operation of a SIEM platform (Microsoft Sentinel).
- Proficient in Endpoint Detection & Response technologies (M365 Defender).
- Proficient in using KQL for creating and modifying threat detections.
- Proficient with scripting and reduction of manual-effort tasks by use of automation (LogicApps).
- Participate in the new client onboarding process to ingest data sources & deploy analytics.
- Ability to maintain a relationship with clients to maximize threat prevention & detection.
- Ability to document problems and resolution for future reference.
- Participate with other teams in a collaborative effort to support security operations.
- Stay up to date on the latest tools and technologies that deliver value to clients and perform
- Participate in new security operations initiatives.
- Bachelor's Degree in Cybersecurity, Computer Science, Information Technology or related experience.
- Position requires 3-5 years hands-on experience within a Security Operations Center.
- Working knowledge of scripting and query languages (preferably KQL).
- Experience with Microsoft Sentinel, M365 Defender, Secureworks Taegis, and Service Now.
- Experience with Cloud-based services (Azure).
- Strong analytical abilities and professional communication skills.
- Excellent troubleshooting skills needed.
- Must be able to respond effectively to inquiries or complaints within a timely fashion.
Insight is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law.
Insight India Location: Level 16, Tower B, Building No 14, Dlf Cyber City In It/Ites Sez, Sector 24 & 25 A, Gurugram, Gurgaon, HR 122002, India