We are seeking a skilled and proactiveCyber Security Engineer (L2)with 5–7 years of hands-on experience in cybersecurity operations, monitoring, incident response, and security engineering. The ideal candidate will play a key role in identifying, analyzing, and mitigating security threats while supporting and improving the organization’s overall security posture.
Monitor, analyze, and respond to security alerts and incidents escalated from L1 teams.
Perform in-depth investigation of security incidents, including malware infections, phishing attacks, data breaches, and unauthorized access attempts.
Conduct root cause analysis and recommend corrective and preventive actions.
Configure, manage, and fine-tune security tools such as SIEM, EDR/XDR, IDS/IPS, DLP, WAF, and vulnerability management tools.
Perform vulnerability assessments and support remediation efforts in coordination with IT and application teams.
Develop, update, and maintain incident response playbooks, standard operating procedures (SOPs), and security documentation.
Support threat hunting activities by analyzing logs, network traffic, and endpoint behavior.
Assist in security audits, risk assessments, and compliance activities (ISO 27001, SOC 2, PCI DSS, etc.).
Collaborate with cross-functional teams to implement security controls and best practices.
Provide guidance and mentoring to L1 security analysts.
Stay current with emerging threats, vulnerabilities, and industry trends.
Requirements
5–7 years of experience in cybersecurity operations, SOC, or security engineering roles.
Strong knowledge of security concepts including network security, endpoint security, IAM, encryption, and secure architectures.
Hands-on experience with SIEM platforms (e.g., Splunk, QRadar, Sentinel, ArcSight).
Experience with endpoint security tools (EDR/XDR) and network security solutions (firewalls, IDS/IPS, VPNs).
Solid understanding of operating systems (Windows, Linux) and networking fundamentals (TCP/IP, DNS, HTTP/S).
Experience in incident response, log analysis, and threat investigation.
Familiarity with vulnerability scanning tools (Nessus, Qualys, Rapid7) and remediation processes.
Knowledge of common attack frameworks such as MITRE ATT&CK.
Good scripting knowledge (Python, PowerShell, or Bash) is an added advantagePreferred Certifications:
CEH, Security+, CySA+, or equivalent
CISSP (preferred but not mandatory)
GIAC certifications (GCIH, GCED, GCIA) – added advantage