SecOps Lead/Engineer Location: India What You?ll Need 5+ years" experience working in cyber security Experience with incident detection and remediation Strong working knowledge of threat vectors, vulnerabilities, and what anomalies to look for Strong working knowledge of Linux and/or Windows logs & indicators SIEM experience, both building rules and responding to alerts. One or more scripting languages: Bash, Python, Perl, PowerShell, etc. Hands-on Experience with incident response and monitoring tools, such as SIEM, EDR, Firewall Management. Excellent communication skills, especially the ability to communicate security risks in ?business? rather than purely ?engineering? What You?ll Do Logging - Get all security relevant cloud, infrastructure and application logs in a parsed format to a unified destination that has good data retention Detection - Install security agents including Endpoint Detection & Response on all servers and workstation, set up detection and prevention rules and policies, POC and deploy tools that help with detection, tune/audit deployed rules/policies in security tools on true and false positives, setting up a detection framework Response - Build plan and procedures for Incident Response, create playbooks to be followed, automate response, develop/deploy malware analysis tools and techniques, forensic tools and techniques to capture evidence/malware, POC and deploy tools that help with response, integrate with customer service teams and engineering teams etc. Build security alerts & dashboards in various incident response tools Monitor for suspicious activities/alerts in the cloud/infrastructure/application from various sources such as internal reports from employees as well as external reports such as customers/social media, vendors, partners, bug bounty programs etc., deployed/integrated security tools, data visualization tools etc. Analyze these suspicious activities/alerts including malware analysis and forensics Respond to them i.e. take appropriate action Roam the dark web using our OSINT & other threat intelligence tools to Look for unknown compromises of any part of project Latest attack trend and create detections and prevention mechanisms Attack on our supplier/partner/vendor, assess impact and take corrective action i.e. identify and respond to supply chain attacks or loss of PII - SecOps Lead