Key Responsibilities 

<ul>
<li>Monitor and respond to alerts from SIEM, network monitoring, endpoint, and cloud-native security tools </li>
</ul>

<ul>
<li>Perform initial triage, validation, and classification of alerts and incidents </li>
</ul>

<ul>
<li>Distinguish false positives from genuine security or operational issues </li>
</ul>

<ul>
<li>Investigate incidents related to: </li>
</ul>

<ul>
<li>Security threats (phishing, malware, brute force, policy violations) </li>
</ul>

<ul>
<li>Network outages and performance degradation </li>
</ul>

<ul>
<li>Cloud misconfigurations and security alerts </li>
</ul>

<ul>
<li>Analyze logs from servers, endpoints, firewalls, network devices, and cloud services </li>
</ul>

<ul>
<li>Follow SOPs / runbooks for incident handling and escalation</li>
</ul>
 
<ul>
<li>Escalate incidents to senior analysts, engineering teams, vendors, or ISPs as required </li>
</ul>

<ul>
<li>Participate in bridge calls / war-room calls during major incidents </li>
</ul>

<ul>
<li>Create and maintain incident tickets and documentation with clear timelines and evidence </li>
</ul>

<ul>
<li>Support incident containment, remediation, and recovery activities </li>
</ul>

<ul>
<li>Perform shift handovers and ensure continuity of operations </li>
</ul>

<ul>
<li>Assist in improving monitoring, alert tuning, and operational processes </li>
</ul>
 
Required Skills &amp; Knowledge 

<ul>
<li>Understanding of SOC, NOC, and Cloud SOC operations </li>
</ul>

<ul>
<li>Experience with monitoring and alerting tools, such as: </li>
</ul>

<ul>
<li>SIEM (Google SecOps, QRadar, Sentinel, etc.) </li>
</ul>

<ul>
<li>Network monitoring tools (SolarWinds, Zabbix, etc.) </li>
</ul>

<ul>
<li>Cloud-native tools (AWS GuardDuty &amp; Security Hub, Azure Sentinel/Defender, GCP Security Command Center) </li>
</ul>

<ul>
<li>Knowledge of networking fundamentals (TCP/IP, DNS, ports, firewalls) </li>
</ul>

<ul>
<li>Familiarity with security concepts (CIA triad, common attack vectors) </li>
</ul>

<ul>
<li>Awareness of cloud security fundamentals, including: </li>
</ul>

<ul>
<li>IAM and least privilege </li>
</ul>

<ul>
<li>Shared Responsibility Model </li>
</ul>

<ul>
<li>Logging and monitoring </li>
</ul>

<ul>
<li>Experience with ticketing systems (ServiceNow, Jira, FreshService, etc.) </li>
</ul>

<ul>
<li>Strong documentation and communication skills </li>
</ul>

<ul>
<li>Willingness to work in 24×7 rotational shifts and on-call schedules </li>
</ul>
 
Experience &amp; Qualifications 

<ul>
<li>1–5+ years of experience in SOC, NOC, Cloud Operations, or IT Operations </li>
</ul>

<ul>
<li>Bachelor’s degree in IT, Computer Science, Cybersecurity, or equivalent experience </li>
</ul>

<ul>
<li>Experience working in production / enterprise environments preferred </li>
</ul>
 
Preferred Certifications 

<ul>
<li>Security+, Network+, CCNA, ITIL Foundation </li>
</ul>

<ul>
<li>Cloud certifications (AWS, Azure, GCP) </li>
</ul>
 
Key Attributes 

<ul>
<li>Incident-driven and process-oriented mindset </li>
</ul>

<ul>
<li>Ability to operate under pressure during outages or security incidents </li>
</ul>

<ul>
<li>Strong analytical and troubleshooting skills </li>
</ul>

<ul>
<li>Clear written and verbal communication </li>
</ul>

<ul>
<li>Team-oriented with disciplined escalation practices </li>
</ul>

Security Engineer

India

Key Responsibilities Monitor and respond to alerts from SIEM, network monitoring, endpoint, and cloud-native security tools Perform initial triage, validation, and classification of alerts and incidents Distinguish false positives from genuine security or operational issues Investigate incidents related to: Security threats (phishing, malware, brute force, policy violations) Network outages and performance degradation Cloud misconfigurations and security alerts Analyze logs from servers, endpoints, firewalls, network devices, and cloud services Follow SOPs / runbooks for incident handling and escalation Escalate incidents to senior analysts, engineering teams, vendors, or ISPs as required Participate in bridge calls / war-room calls during major incidents Create and maintain incident tickets and documentation with clear timelines and evidence Support incident containment, remediation, and recovery activities Perform shift handovers and ensure continuity of operations Assist in improving monitoring, alert tuning, and operational processes Required Skills &amp; Knowledge Understanding of SOC, NOC, and Cloud SOC operations Experience with monitoring and alerting tools , such as: SIEM (Google SecOps, QRadar, Sentinel, etc.) Network monitoring tools (SolarWinds, Zabbix, etc.) Cloud-native tools (AWS GuardDuty &amp; Security Hub, Azure Sentinel/Defender, GCP Security Command Center) Knowledge of networking fundamentals (TCP/IP, DNS, ports, firewalls) Familiarity with security concepts (CIA triad, common attack vectors) Awareness of cloud security fundamentals , including: IAM and least privilege Shared Responsibility Model Logging and monitoring Experience with ticketing systems (ServiceNow, Jira, FreshService, etc.) Strong documentation and communication skills Willingness to work in 24×7 rotational shifts and on-call schedules Experience &amp; Qualifications 1–5+ years of experience in SOC, NOC, Cloud Operations, or IT Operations Bachelor’s degree in IT, Computer Science, Cybersecurity , or equivalent experience Experience working in production / enterprise environments preferred Preferred Certifications Security+, Network+, CCNA, ITIL Foundation Cloud certifications (AWS, Azure, GCP) Key Attributes Incident-driven and process-oriented mindset Ability to operate under pressure during outages or security incidents Strong analytical and troubleshooting skills Clear written and verbal communication Team-oriented with disciplined escalation practices

Security Engineer · Guwahati

Job highlights

Skillset required

Job Description

Job Description for Security Engineer

More at Slice