Qureos

SecOps Engineer (EDR SIEM)

SecOps Engineer (Threat Hunt and EDR SIEM).

Key Responsibilities

Shift Leadership & Incident Response

  • Lead SOC shifts: manage alert queues, assign cases, ensure SLA compliance, and deliver quality handovers.
  • Investigate and respond to advanced threats using Microsoft Defender for Endpoint and Microsoft Sentinel.
  • Execute incident response playbooks and document RCA for continuous improvement.

Threat Hunting & Detection Engineering

  • Conduct hypothesis-driven hunts based on MITRE ATT&CK techniques, threat intel, and behavioral anomalies.
  • Develop and tune detection rules in Microsoft Sentinel (KQL queries) and Defender for Endpoint policies.
  • Maintain hunt logs, coverage maps, and detection health dashboards.

EDR & SIEM Operations

  • Administer and optimize Microsoft Defender for Endpoint and Microsoft Sentinel for maximum detection fidelity.
  • Build dashboards, correlation searches, and automation workflows to reduce MTTD/MTTR.
  • Ensure telemetry quality: data onboarding, parsing, enrichment, and retention.

Reporting & Stakeholder Communication

  • Prepare and present threat hunt findings, detection coverage reports, and incident trends to leadership.
  • Translate technical insights into actionable recommendations for executives.

Required Qualifications

  • 5–8 years in Security Operations / Threat Hunting / Detection Engineering.
  • Hands-on experience with Microsoft Sentinel (KQL queries, dashboards) and Microsoft Defender for Endpoint.
  • Proven Shift Lead experience in a 24×7 SOC environment.
  • Strong understanding of MITRE ATT&CK, threat intel, and adversary TTPs.
  • Excellent communication and reporting skills for executive-level presentations.

Nice-to-Have

  • Experience with SOAR automation in Microsoft Sentinel.
  • Familiarity with cloud telemetry (Azure/M365).
  • Scripting (PowerShell/Python) for hunt automation and enrichment.
  • Certifications: SC-200, SC-300, Security+, CySA+, GCIA/GCIH.

Tools & Technologies

  • SIEM: Microsoft Sentinel
  • EDR: Microsoft Defender for Endpoint
  • Threat Frameworks: MITRE ATT&CK, D3FEND
  • Automation: PowerShell, Python

KPIs

  • Number of successful hunts and new detections authored
  • Reduction in MTTD/MTTR for advanced threats
  • Detection coverage improvements (mapped to ATT&CK)
  • False positive reduction and alert fidelity

Job Type: Full-time

Pay: ₹80,000.00 - ₹100,000.00 per year

Benefits:

  • Flexible schedule
  • Health insurance

Application Question(s):

  • How many years of experience do you have in Security Operations / Threat Hunting / Detection Engineering?
  • How many years of experience do you have in cloud security (Azure/M365)?
  • How many years of experience do you have in scripting (PowerShell/Python) for automation and reporting?

© 2025 Qureos. All rights reserved.