Position: Cybersecurity Engineer (L1 & L2)
Location: Gangtok, Sikkim (On-site)
Vacancies: 1 Candidate for Each Position
Department: Security Operations Centre (SOC)
Reporting To: SOC Manager
Role Overview
We are hiring L1 and L2 Cybersecurity Engineers to strengthen our SOC team in Gangtok, Sikkim. These roles are critical to monitoring, analyzing, and responding to security threats in real time. If you are passionate about cybersecurity, possess technical expertise, and seek to grow in a dynamic environment, we encourage you to apply.
Key Responsibilities
L1 Cybersecurity Engineer
- Monitoring and Analysis:
  - Continuously monitor security alerts, events, and logs using SIEM tools.
  - Analyze alerts to identify potential security incidents.
- Incident Handling:
  - Perform initial triage of alerts and escalate confirmed incidents to L2/L3 teams.
  - Respond to basic phishing, malware, and other low-level security incidents.
- Log Analysis:
  - Review and analyze logs from firewalls, endpoints, and network devices.
- Documentation:
  - Maintain detailed incident logs and ensure proper ticketing and reporting of all security events.
L2 Cybersecurity Engineer
- Threat Hunting and Incident Response:
  - Conduct in-depth analysis and validation of escalated incidents from L1.
  - Perform root cause analysis and recommend remediation strategies.
- Vulnerability Management:
  - Analyze vulnerability scans and coordinate with IT teams for remediation.
- Advanced Log Analysis:
  - Correlate logs from multiple sources to identify complex attack patterns.
- Threat Intelligence Integration:
  - Leverage threat intelligence to improve detection rules and incident response.
- Tool Optimization:
  - Fine-tune and optimize security tools such as SIEM, EDR, and IDS/IPS.
- Reporting and Compliance:
  - Prepare incident reports, compliance documentation, and management dashboards.
Required Qualifications
Academic Qualifications
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Master’s degree or specialization in Cybersecurity (preferred).
- Equivalent work experience may be considered in lieu of formal education.
Preferred Certifications
- L1:
  - CompTIA Security+
  - EC-Council Certified Ethical Hacker (CEH)
  - Microsoft Security, Compliance, and Identity Fundamentals (SC-900)
- L2:
  - Certified SOC Analyst (CSA)
  - GIAC Certified Incident Handler (GCIH)
  - Splunk Certified User or similar SIEM certifications
Required Technical Skills
For L1 Cybersecurity Engineer
- Hands-on experience with SIEM tools such as Splunk, IBM QRadar, or ArcSight.
- Basic knowledge of endpoint security solutions like CrowdStrike or Microsoft Defender.
- Familiarity with firewall monitoring tools (Palo Alto, Fortinet, or Check Point).
- Knowledge of TCP/IP, network protocols, and basic packet analysis tools like Wireshark.
- Basic understanding of phishing, malware, and social engineering attacks.
- Familiarity with incident ticketing systems (e.g., ServiceNow, JIRA).
For L2 Cybersecurity Engineer
- Proficiency in advanced SIEM usage (rule writing, log correlation, and threat hunting).
- Experience with EDR tools (e.g., SentinelOne, Carbon Black).
- Knowledge of intrusion detection and prevention systems (IDS/IPS).
- Familiarity with vulnerability management tools (e.g., Nessus, Qualys).
- Ability to interpret threat intelligence feeds and integrate them into detection workflows.
- Scripting and automation skills (Python, Bash, or PowerShell).
- Understanding of cybersecurity frameworks like NIST, MITRE ATT&CK, and ISO 27001.
Preferred Experience
- L1: 0-2 years of experience in SOC operations, IT security, or related fields.
- L2: 2-4 years of hands-on SOC experience or equivalent roles in cybersecurity.
Soft Skills
- Strong analytical and problem-solving abilities.
- Excellent communication and documentation skills.
- Ability to work under pressure and prioritize tasks effectively.
- Team-oriented mindset with a willingness to learn and adapt.