Security Engineer · Bengaluru

Key Responsibilities

• Monitor and respond to alerts from SIEM, network monitoring, endpoint, and cloud-native security tools

• Perform initial triage, validation, and classification of alerts and incidents 

• Distinguish false positives from genuine security or operational issues

• Investigate incidents related to: 

• Security threats (phishing, malware, brute force, policy violations) 

• Network outages and performance degradation 

• Cloud misconfigurations and security alerts 

• Analyze logs from servers, endpoints, firewalls, network devices, and cloud services

• Follow SOPs / runbooks for incident handling and escalation

 

• Escalate incidents to senior analysts, engineering teams, vendors, or ISPs as required 

• Participate in bridge calls / war-room calls during major incidents 

• Create and maintain incident tickets and documentation with clear timelines and evidence 

• Support incident containment, remediation, and recovery activities

• Perform shift handovers and ensure continuity of operations 

• Assist in improving monitoring, alert tuning, and operational processes

Required Skills & Knowledge

• Understanding of SOC, NOC, and Cloud SOC operations

• Experience with monitoring and alerting tools, such as: 

• SIEM (Google SecOps, QRadar, Sentinel, etc.) 

• Network monitoring tools (SolarWinds, Zabbix, etc.) 

• Cloud-native tools (AWS GuardDuty & Security Hub, Azure Sentinel/Defender, GCP Security Command Center) 

• Knowledge of networking fundamentals (TCP/IP, DNS, ports, firewalls) 

• Familiarity with security concepts (CIA triad, common attack vectors) 

• Awareness of cloud security fundamentals, including: 

• IAM and least privilege 

• Shared Responsibility Model 

• Logging and monitoring 

• Experience with ticketing systems (ServiceNow, Jira, FreshService, etc.) 

• Strong documentation and communication skills 

• Willingness to work in 24×7 rotational shifts and on-call schedules

Experience & Qualifications

• 1–5+ years of experience in SOC, NOC, Cloud Operations, or IT Operations

• Bachelor’s degree in IT, Computer Science, Cybersecurity, or equivalent experience 

• Experience working in production / enterprise environments preferred 

Preferred Certifications

• Security+, Network+, CCNA, ITIL Foundation 

• Cloud certifications (AWS, Azure, GCP) 

Key Attributes

• Incident-driven and process-oriented mindset 

• Ability to operate under pressure during outages or security incidents 

• Strong analytical and troubleshooting skills 

• Clear written and verbal communication 

• Team-oriented with disciplined escalation practices