NASHIK · FULLTIME
Cyber Security Engineer
ESDS Software Solution Limited
Nashik · onsite · Posted 13d ago
Your match
Sign in to see your match score, skill gaps & tailored resume.
Section · 01
About this role
1. Advanced Operations & Threat Detection
- Lead
advanced health checks and configuration reviews for deployed security tools (AV, EDR, XDR, PIM, PAM, DLP, DAM, etc.).
- Conduct proactive threat hunting to identify hidden, emerging, or sophisticated threats beyond standard alerts.
- Fine-tune correlation rules, use cases, and detection logic to reduce false positives and improve detection accuracy.
2. Incident Response & Escalation Management
- Act as the final escalation point for critical and major incidents, leading investigation and resolution.
- Own
root cause analysis (RCA) and remediation plans for high-severity incidents in the ticketing tool (ITSM).
- Lead incident command during major security events, coordinating cross-functional response and decision-making.
- Review and approve closure of high-severity tickets, ensuring SLA and quality compliance.
3. Client & OEM Coordination
- Serve as the senior technical point of contact for key clients during critical incidents and security reviews.
- Present RCA reports, security posture reviews, and improvement recommendations to client stakeholders.
- Liaise with OEMs and vendors on advanced troubleshooting, escalations, and product roadmap discussions.
4. Documentation & Reporting
- Own and maintain advanced documentation, including RCA reports and threat intelligence summaries for all security products.
- Review and refine runbooks, SOPs, and playbooks based on lessons learned from incidents and audits.
- Prepare and present
monthly/quarterly security operations reports (SLA trends, incident analytics, risk insights) to internal leadership.
5. Mentoring & Service Delivery Support
- Mentor and train L1/L2 analysts on tools, SOPs, and incident handling best practices, including knowledge-sharing sessions.
- Lead technical onboarding and architecture/configuration review for new clients or products.
- Identify and drive automation opportunities to optimize SOC workflows and reduce manual effort.
6. Shift & Availability
- Work in
24x7 rotational shifts and lead shift operations, ensuring coverage and escalation readiness.
- Be available for critical incident bridge calls and major incident management at short notice. Required Skills & Qualifications:
1. Technical Skills:
- Advanced expertise in cybersecurity products:
AV, EDR, XDR, PIM, PAM, DLP, DAM, SIEM/SOAR
- Strong knowledge of Windows & Linux administration, networking, and cloud security fundamentals.
- Deep understanding of incident lifecycle management, threat intelligence, and the MITRE ATT&CK framework.
- Hands-on experience with scripting/automation (Python, PowerShell) for SOC process optimization.
- Strong analytical, troubleshooting, and root cause analysis (RCA) skills.
2. Soft Skills:
- Excellent communication and presentation skills, including client-facing interactions.
- Strong leadership and mentoring ability to guide junior analysts.
- Ability to stay calm and decisive under high-pressure, major-incident situations.
- Strong stakeholder management and cross-team coordination skills. Qualification & Certification
- Experience: 4 to 10 years
- Education: Graduate/Postgraduate in Computer Science, IT, Electronics, or related field.
- Certifications (Preferred): CEH, CompTIA Security+/CySA+, ITIL Foundation, OEM advanced certifications (EDR, XDR, PAM, DLP, etc.)
Sourced from linkedin · view original
Let the agent run this one for you.
Tailored resume, auto-apply, and referral lookup — in under 2 minutes.
Section · 02