26-03-2026 12:09:26
Job_303691
8 - 15 years
Key Responsibilities:
1. Security Tool Engineering & Management
● Lead the design, implementation, and maintenance of core security platforms, including SIEM, EDR or XDR, SOAR, and Threat Intelligence Platforms.
● Develop and fine-tune SIEM correlation rules, dashboards, alerts, and integrate new log sources.
● Manage and optimize EDR or MDR or Intune agents, ensure full coverage, and report and remediate tooling gaps.
● Oversee Cisco Umbrella monitoring, alert response, URL policy configurations, and tuning.
● Manage MDM or MAM or UEM platforms, including device enrollment, configuration, compliance, lifecycle, and app deployments.
● Support and maintain MFA tooling (Cisco Duo) and implement SSO integrations for applications.
● Perform certificate and public key infrastructure (PKI) administration.
2. Advanced Threat Detection, Monitoring & Hunting
● Implement proactive threat hunting methodologies across endpoints, cloud, and network.
● Conduct in-depth forensic analysis, log analysis, and packet analysis to detect sophisticated attacks.
● Monitor and respond to SIEM and EDR alerts during 12×5 operations with on-call escalation for critical alerts.
3. Vulnerability & Patch Management Governance
● Govern remediation activity from bi-weekly vulnerability scans and penetration tests.
● Coordinate with IT for patch management compliance across operating systems and applications.
4. Email Security Engineering (Proofpoint or SPF or DKIM or DMARC)
● Design, configure, and manage email security solutions to protect inbound or outbound mail.
● Monitor Proofpoint alerts, tune filters, and manage DLP policies.
5. Device Security, Compliance & Enrollment
● Manage device provisioning, enrollment, policy enforcement, and secure configuration baselines.
● Oversee BYOD security, selective wipe, mobile application security, and compliance enforcement.
6. Incident Response & Governance
● Lead incident triage, containment, eradication, and recovery actions.
● Conduct root cause analysis and provide executive-level reporting.
7. Governance, SOP Development & Compliance
● Create and maintain SOPs, KB articles, and documentation aligned to security frameworks.
● Participate in annual security audits, assisting with evidence gathering and auditor engagement.
8. Security Awareness & Training (KnowBe4 Governance)
● Oversee governance of KnowBe4 user awareness training, enrollment, and campaign assignments.
● Track compliance, escalate per SOP, and generate training & phishing metrics.
● Create awareness communications and align training with current threat trends.
9. Mentorship & Leadership
● Contribute to the security program strategy, technology evaluations, and process improvements.
● Conduct knowledge-sharing sessions and maintain internal training materials.
Required Qualifications:
● Minimum 8 years of experience in security engineering, operations, or similar role.
● Strong background in incident response, threat hunting, and device security management.
Technical Skills:
● Expert knowledge of security technologies including EDR, SIEM, MDM or UEM, MFA, PAM, DLP, and DNS filtering.
● Strong understanding of NIST CSF, CIS Controls, and MITRE ATT&CK.
Soft Skills:
● Excellent communication and documentation skills.
● Strong analytical abilities and high attention to detail.
● Ability to work in high-pressure environments and manage on-call escalations.
● Collaborative mindset with the ability to work cross-functionally.
Education & Certifications:
● Bachelor's degree or equivalent experience.
● Good to have certifications: CISSP, GIAC (GCIH, GCFA, GCTI), OSCP, or tool-specific certifications (Splunk, Sentinel, CrowdStrike, Intune, Proofpoint, Zscaler, CyberArk, etc.).
Work Timing: EST Hours – US work timing
Work Location: Chennai, Pune, Bangalore – Work from office