Security Engineer

Education*: BE/B-Tech/BCA or master’s degree in CS/IT

Certification*: CEH/ CCNA Sec/ PCNSA equivalent certification of respective OEM

Experience*: 2- 3 years’ relevant experience.

Technology (OEM)*: Network/Cyber Security, IPS-Checkpoint, Malware Sandboxing-Palo Alto, Perimeter DDOS-NetScout

Skills: Candidate should have adequate knowledge of security devices like Firewalls, DDOS and other security devices.

Job summary

As an L1 Security Monitoring Engineer, it is a vigilant first responder, responsible for the 24/7 monitoring of security systems. The analyst will monitor and analyze alerts related to firewalls, anti-DDoS, malware proxy, and sandboxing technologies. You will perform initial triage, escalate confirmed security incidents, and help maintain the overall security posture of the organization.

Key Responsibilities

• Perform initial triage on all security alerts to determine their severity and authenticity. Differentiate between false positives and legitimate security threats.

• Monitor and analyze IPS related alerts from Check Point products. Identify and investigate potential network intrusions and malicious traffic patterns.

• Analyze reports from Palo Alto malware sandboxing to determine if a file is malicious, understand its behavior, and identify affected systems.

• Monitor traffic anomalies and alerts from NetScout perimeter DDoS tools to detect and analyze distributed denial-of-service attacks against the network.

• Investigate and document all security incidents and events, recording key details such as the nature of the event, affected assets, and actions taken.

• Escalate confirmed security incidents and complex issues to Level 2/3 analysts or other relevant support teams, providing a detailed handover.

• Follow established incident response procedures for handling standard security events.

• Update and maintain security incident records in the ticketing system, ensuring all information is accurate and up to date.

• Install application patches and signed software updates in order to improve performance, enable additional functionality or enhance security standard including but not limited to Performing Scans, Management of the system, Updating of plugins and patches, etc.

• To maintain the inventory of entire assets of Cyber Security solutions as per scope and maintain and update a database with respect to OS, Database, Webservers, Application details, and IP addresses pertaining to all Security Solutions under the mentioned scope.

JD-

• Monitor WAF alerts and logs for suspicious activity.
• Triage and respond to incidents escalated from L1 teams.
• Perform root cause analysis and recommend mitigation actions.
• Escalate complex issues to L2.5 or L3 teams as needed
• Implement and fine-tune WAF rules and policies to reduce false positives.
• Manage IP/URL blocking, bot score tuning, and rate limiting.
• Coordinate SSL/TLS certificate renewals and origin certificate issues
• Support onboarding/offboarding of applications to WAF.
• Conduct cache purging, country blocking, and API definition updates.
• Maintain documentation and SOPs for WAF operations
• Work closely with WAF SMEs, SOC analysts, and security architects.
• Participate in knowledge transfer (KT) sessions and training during transition phases
• Contribute to the development of playbooks and automation scripts

Job Types: Full-time, Permanent

Pay: From ₹400,000.00 per year

Application Question(s):

• How many years of total experience do you currently have?
• What is your current location?
• What is your current CTC?
• What is your expected CTC?
• What is your notice period/ LWD?
• What is your highest qualification with stream?
• Which global certification do you have?
• How many years of experience do you have in Next Gen Firewall with IPS, Proxy, Malware Sandboxing & Anti Dods?

Work Location: In person