Cybersecurity Engineer Job in Quantiphi

Cybersecurity Engineer

Job Summary

Are you good at identifying and responding to security incidents and driving engineering efforts to minimize risk, and skilled at threat hunting? If yes, then come join us as a SOC Analyst.

As a SOC Analyst, you will work as part of Quantiphi's Security Operations team to be the first line of defense. You will use various defense tools to conduct analysis, identify security incidents, help strengthen security controls and work with cross-functional teams with a customer-oriented approach to ensure that a secure workspace is provided to Quantiphi's workforce.

  • Primarily responsible for ensuring smooth day-to-day operations of the SOC team including, but not limited to, security event monitoring across multiple public clouds, endpoints, applications, incident management and incident response
  • Perform event correlation using information gathered from a variety of sources to gain situational awareness to detect, confirm, contain, remediate, and recover from attacks.
  • Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
  • Analyze alerts from and manage security tools like VM, MDM, EDR, CNAPP, IDAM, etc. to determine weaknesses exploited, exploitation methods, effects on system and information; perform root cause analysis to determine tactics, techniques, and procedures (TTPs) for intrusions.
  • Assist in the construction of signatures or indicators of compromise (IOCs) which can be implemented on cyber defense network tools in response to new or observed threats
  • Notify SOC manager and other stakeholders of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the cyber incident response plan and procedures.
  • Document ongoing incidents and after-action reports, and escalate incidents.
  • Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
  • Revise and develop processes to strengthen the current Security Operations Framework, Review SOPs and highlight the challenges in managing SLAs
  • Use case fine tuning, alerting threshold fine tuning, defining new monitoring use cases.
  • Responsible for integration of standard and non-standard logs in SIEM
  • Work with cross-functional teams to resolve security incidents and vulnerability compliance.
  • Prioritizing security vulnerabilities identified in the tools based on business impact and updating the Security Operations team so they can be mitigated
  • Write technical reports based on findings
  • Deciding the most relevant and applicable metrics for measuring security effectiveness
  • Stakeholder Management:
    • Liaise with external/internal ethical hacking / penetration testing teams
    • Prepare security effectiveness reports for customer / management
    • Follow up on closure of these gaps and escalate when necessary
    • Advise and consult with internal team and customers on risk assessment, threat modelling and fixing vulnerabilities
  • Coordinate with security intelligence framework to obtain latest threats & vulnerabilities
  • Incident Response efforts - evidence collection, documentation, communications, reporting, root cause analysis.
  • Lead or contribute to security risk assessments that determine threats, consequences, and vulnerabilities to key assets, products, and services
  • Recommend and drive additional security controls to meet current and future needs

Experience Required:

1 to 3 Years

Vacancy:

2 - 4 Hires
