Description

  • Collaborate with Incident Response teams across Bangalore and Dublin to monitor Protect/Detect/Response capabilities.
  • Serve as Incident Commander during US working hours, coordinating with business stakeholders, Incident Response, and forensic teams to rapidly and effectively resolve information security incidents.
  • Investigate incidents to identify root causes and document lessons learned.
  • Preferably, possess IT forensic skills to perform network and host-based forensics for incident root cause analysis.
  • Track and report incident status, and drive rapid resolution of incidents related to information risk management controls.
  • Liaise with authorities to support investigations and prosecutions when appropriate.
  • Take ownership of Security Operations tooling; manage SOC tools in business-as-usual operations and implement use cases to ensure smooth functioning of Security Operations and Response teams.
  • Identify and resolve issues affecting critical SOC technologies, applying automation to prevent incident recurrence.
  • Partner with Security Engineering teams to improve security posture, address risk, and solve scalability challenges.
  • Develop and implement proactive solutions to prevent potential problems before they occur.
  • Emphasize automation: eliminate manual processes by investigating causes and instituting permanent fixes.
  • Build analytics and self-service tools to empower Incident Response teams with actionable data, enabling quick response times.
  • Mentor fellow SOC engineers, shape our technical culture, and contribute to the growth of our team.

Qualifications

  • Degree in Computer Science, Software Engineering, Information Technology, Cybersecurity, or a related field preferred.
  • 3+ years of relevant experience in a SOC environment investigating cybersecurity incidents; DevSecOps or CloudOps experience is a plus.
  • Experience managing and responding to security incidents in cloud environments.
  • Strong working knowledge of at least one public cloud platform such as AWS, Azure, or GCP is required.
  • Solid understanding of Security Operations tools, Security Engineering, Linux/Unix operating systems, and underlying components.
  • Networking fundamentals knowledge.
  • Experience in log management and dashboard creation using tools like Elastic Stack, Sumo Logic, or Grafana Cloud.
  • Hands-on experience maintaining security tools such as SIEM, ELK, Splunk, XDR, Web Application Firewalls (WAF), Key Management Systems (KMS), and Identity and Access Management (IAM) tools.
  • Strong analytical skills, mental resilience, and the ability to think systematically under pressure.
  • Highly accountable with a strong sense of ownership.
  • Excellent work ethic, integrity, team-oriented, and a continuous learner.
  • Strong interpersonal skills enabling effective communication and collaboration organization-wide.

Education

Any Graduate