We are seeking a skilled and proactive Cyber Security Engineer (L2) with 5–7 years of hands-on experience in cybersecurity operations, monitoring, incident response, and security engineering. The ideal candidate will play a key role in identifying, analyzing, and mitigating security threats while supporting and improving the organization’s overall security posture.
• Monitor, analyze, and respond to security alerts and incidents escalated from L1 teams.
• Perform in-depth investigation of security incidents, including malware infections, phishing attacks, data breaches, and unauthorized access attempts.
• Conduct root cause analysis and recommend corrective and preventive actions.
• Configure, manage, and fine-tune security tools such as SIEM, EDR/XDR, IDS/IPS, DLP, WAF, and vulnerability management tools.
• Perform vulnerability assessments and support remediation efforts in coordination with IT and application teams.
• Develop, update, and maintain incident response playbooks, standard operating procedures (SOPs), and security documentation.
• Support threat hunting activities by analyzing logs, network traffic, and endpoint behavior.
• Assist in security audits, risk assessments, and compliance activities (ISO 27001, SOC 2, PCI DSS, etc.).
• Collaborate with cross-functional teams to implement security controls and best practices.
• Provide guidance and mentoring to L1 security analysts.
• Stay current with emerging threats, vulnerabilities, and industry trends.
Requirements
• 5–7 years of experience in cybersecurity operations, SOC, or security engineering roles.
• Strong knowledge of security concepts including network security, endpoint security, IAM, encryption, and secure architectures.
• Hands-on experience with SIEM platforms (e.g., Splunk, QRadar, Sentinel, ArcSight).
• Experience with endpoint security tools (EDR/XDR) and network security solutions (firewalls, IDS/IPS, VPNs).
• Solid understanding of operating systems (Windows, Linux) and networking fundamentals (TCP/IP, DNS, HTTP/S).
• Experience in incident response, log analysis, and threat investigation.
• Familiarity with vulnerability scanning tools (Nessus, Qualys, Rapid7) and remediation processes.
• Knowledge of common attack frameworks such as MITRE ATT&CK.
• Good scripting knowledge (Python, PowerShell, or Bash) is an added advantage.
Preferred Certifications
• CEH, Security+, CySA+, or equivalent
• CISSP (preferred but not mandatory)
• GIAC certifications (GCIH, GCED, GCIA) – added advantage