- A Detection and Response Engineer is a critical member of the cybersecurity team, responsible for designing, implementing, and maintaining systems and methodologies for detecting and responding to cyber threats. This professional plays a central role in identifying vulnerabilities, monitoring network activities, and ensuring the organization's digital assets are safeguarded against malicious actors.
Key Responsibilities
Threat Detection and Analysis
- Develop and maintain log collection, analysis, and monitoring systems to identify suspicious activities.
- Analyze network traffic, endpoint data, and system logs to detect anomalies and indicators of compromise (IoCs).
- Identify emerging threats and vulnerabilities by staying updated with the latest intelligence and threat trends.
Incident Response
- Collaborate with SOC analysts to investigate and respond to security incidents.
- Provide technical expertise in triaging and resolving incidents while minimizing impact on operations.
- Design and document incident response procedures for rapid and effective action.
Automation and Tool Development
- Develop scripts and tools to automate repetitive detection tasks and enhance operational efficiency.
- Integrate detection and monitoring tools seamlessly into the company's IT infrastructure.
- Test and fine-tune monitoring tools to optimize accuracy and performance.
Collaboration and Communication
- Work closely with the IT, network, and development teams to ensure security best practices are implemented.
- Communicate findings and recommendations effectively to stakeholders, including non-technical audiences.
- Contribute to the creation of educational materials and workshops to train staff on cybersecurity awareness.
Required Skills and Qualifications
Technical Expertise
- Proficiency in Microsoft tools and platforms, such as Microsoft Sentinel (formerly Azure Sentinel) for SIEM operations, Defender for Endpoint, and Microsoft Cloud App Security.
- Strong understanding of Microsoft networking protocols, Active Directory, Azure environments, and firewall configurations using Microsoft solutions.
- Experience with scripting in PowerShell for automation, debugging, and enhancing Microsoft tool functionality.
Analytical and Problem-Solving Skills
- Ability to analyze complex datasets from Microsoft tools and extract actionable intelligence.
- Strong troubleshooting skills to identify root causes of potential threats within Microsoft environments.
- Proven ability to think critically under pressure and make sound decisions during incidents.
Educational Background
- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field.
- Relevant certifications such as Microsoft Certified: Security Operations Analyst Associate, CompTIA Security+, CEH (Certified Ethical Hacker), CISSP, or GIAC preferred.
Experience
- Minimum of 2-3 years of experience in cybersecurity, SOC operations, or a similar role, preferably with expertise in Microsoft security tools.
- Hands-on experience with threat intelligence platforms and detection methodologies using Microsoft Azure and Defender products.
- Proven track record of minimizing threats and vulnerabilities in previous positions.
Key Attributes
- Attention to Detail: Ensure accuracy in identifying and documenting threats and incidents.
- Adaptability: Respond effectively to the dynamic and evolving landscape of cybersecurity threats.
- Team Collaboration: Work seamlessly with other cybersecurity professionals and business units.
- Continuous Learning: Eager to stay informed about the latest tools, technologies, and threat intelligence.
Work Location : Mumbai/Bangalore (remote)
Joining time needed : 30 days
We have great people here and are looking for more. Come join us!
Follow us:
Facebook
Instagram
LinkedIn
X
YouTube
Equal Employment Opportunities at First Advantage
First Advantage is an equal opportunity employer. We are committed to providing a workplace and recruitment process that is free from unlawful discrimination, harassment, and retaliation. Employment decisions at First Advantage are based solely on qualifications, merit, and business needs. We do not discriminate in any aspect of employment on the basis of race, color, national origin, ancestry, citizenship, religion, creed, sex, gender identity, gender expression, sexual orientation, marital or family status, pregnancy, age, physical or mental disability, medical condition, genetic information, veteran or military status, or any other characteristic protected by applicable law.
