Information Security Engineer(SOC/SIEM(Splunk, CrowdStrike, Scripting)

Description

As an Information Security Engineer II, you will serve as a key contributor in security operations, combining core analyst responsibilities with light engineering tasks. You will monitor and respond to security events, support vulnerability and application security efforts, and contribute to automation and tool optimization initiatives. This role is ideal for professionals with strong analytical skills and a foundational understanding of scripting and security tooling.

Key Responsibilities

Essential job functions include but are not limited to the following:

Security Operations & Incident Response

• Monitor and analyze security alerts from SIEM, EDR, and vulnerability scanners.
• Assist in investigating medium to high-severity incidents with guidance.
• Contribute to incident response playbook updates and automation improvements.
• Correlate threat intelligence with internal events to assess impact.
• Support forensic analysis and evidence collection with MDR/MSSP partners.

Security Engineering & Automation

• Develop basic scripts (e.g., Python, PowerShell) to automate repetitive security tasks.
• Support integration and tuning of security tools (SIEM, SOAR, EDR).
• Assist in building dashboards and reports for security metrics.

Application Security Support

• Review and validate automated scan results (e.g., Veracode).
• Identify false positives and provide remediation guidance.
• Support CI/CD pipeline security integration and issue resolution.

Vulnerability Management

• Conduct CVE research and impact analysis using CVSS scoring.
• Assist in prioritizing and tracking remediation efforts.
• Support development of vulnerability dashboards and reports.

Compliance & Documentation

• Support audit and compliance activities by maintaining documentation.
• Contribute to security procedures, knowledge base articles, and metrics reporting.

Team Collaboration & Mentorship

• Mentor junior team members on investigation and documentation practices.
• Participate in onboarding and knowledge sharing activities.
• Contribute to team process improvements and tool evaluations.

Knowledge, Skills And Abilities

• 3 - 5 years of experience as an Information Security Engineer
• Experience in network security fundamentals (TCP/IP, SSL, PKI, RADIUS, DNS, routing/switching)
• Proficiency with multiple tools related to SOC / SIEM, such as Splunk, CrowdStrike.
• Proficiency with multiple security tools Check Point, Cisco ASA, Imperva WAF, Carbon Black/ , Forcepoint, Qualys
• Intermediate scripting capabilities in PowerShell, Python, or shell scripting with ability to develop basic automation
• Good knowledge of security vulnerabilities, attack vectors, and the OWASP Top 10
• Solid understanding of operating systems security for both Windows and Linux environments, and, working knowledge of cloud security concepts, preferably AWS
• Proficient in Git, GitLab, and commercial software scanning solutions
• Good knowledge of Agile planning processes and associated tools (Jira, Rally, Confluence)
• Familiarity with ServiceNow for case management and workflow development
• Solid knowledge of threat modeling methodologies
• Good understanding of the NVD, CVEs, and CVSS 3.0 scoring systems
• Knowledge of incident response practices and basic forensic analysis techniques
• Understanding of APIs and common security implementation methods
• Strong communication skills with ability to present security topics to technical and business audiences
• Developing leadership and mentoring capabilities
• Good analytical thinking and problem-solving skills
• Ability to work independently with moderate supervision
• Basic project coordination skills

Qualifications

• B.Tech/B.E. in Computer Science, Information Technology, Electronics & Communication, or related engineering discipline, or equivalent combination of education and working information security experience required
• Minimum 3.5-5 years of Information Security experience or 3-5 years of Information Technology experience
• Minimum 2 years of hands-on experience with programming or scripting in languages such as JavaScript, Python
• Security certifications such as Security+, SSCP, or progress toward CISSP/SANS GIAC certifications preferred
• Demonstrated experience in mentoring or coordinating with technical team members

Additional Requirements and Details:

• Located and working from the Hyderabad office
• Able to work at least a portion of the day when US offices are open
• Participate in on-call rotation for critical security incidents
• Occasional lifting and/or moving up to 10 pounds
• Frequent repetitive hand and arm movements required to operate a computer
• Specific vision abilities required by this job include close vision (working on a computer, etc.)
• Frequent sitting and/or standing