Security Operation Technical Engineer- Infra Operations

JOB PURPOSE

The role ensures the integrity, confidentiality, and availability of critical IT services by proactively identifying vulnerabilities, responding to security incidents, and enforcing industry best practices, standards, and compliance requirements.

SUMMARY OF RESPONSIBILITIES

The IT Infrastructure – Security Operation Technical Engineer- Infra Operations, has responsibilities in the following areas:

• Monitor security tools (SIEM, IDS/IPS, EDR, DLP) to detect and respond to threats in real time
• Analyze security alerts and logs to identify potential incidents or anomalies
• Perform threat hunting and proactive monitoring to prevent breaches

• Investigate, contain, and remediate security incidents
• Perform root cause analysis and document incident reports
• Coordinate incident response activities with internal teams and external vendors

• Implement and maintain security controls across servers, networks, cloud, and endpoints
• Harden systems and ensure secure configurations (OS, databases, applications)
• Manage firewalls, VPNs, WAF, and network security devices
• Help Implement Minimum Baseline Security Standard-MBSS for All applications, infrastructure, and endpoints

• Help resolve vulnerability scans and risk assessments
• Prioritize and remediate vulnerabilities based on risk level
• Ensure timely patching of operating systems, applications, and firmware

• Manage user access, roles, and privileges following least-privilege principles (Access Matrix)
• Monitor and audit access controls, authentication, and authorization mechanisms
• Support implementation of MFA and privileged access management (PAM)
• Help create and update Access Management Policy

• Ensure infrastructure aligns with security policies, standards, and regulations (e.g., ISO 27001, NIST, PCI-DSS)
• Assist in audits, compliance reviews, and risk assessments
• Maintain documentation and security procedures

• Secure on-premise and cloud environments (AWS,Alibaba)
• Implement network segmentation, zero trust principles, and secure architectures
• Monitor cloud security posture and address misconfigurations

• Administer and optimize security tools (SIEM, SOAR, EDR, AV, vulnerability scanners)
• Evaluate and recommend new security technologies and solutions
• Automate security processes where applicable

• Work with IT Security Manager, IT operations, DevOps, and application teams to integrate security into systems
• Help Provide technical guidance on security best practices
• Support business continuity and disaster recovery planning

• Generate reports on security incidents, risks, and compliance status
• Track KPIs and metrics to improve security operations
• Continuously enhance security posture through lessons learned and improvements

1. EDUCATION & EXPERIENCE

• Bachelor's degree in information technology, Computer Science, Cybersecurity, or a related field
• Equivalent practical experience may be considered.

Relevant certifications (preferred but not required):

• CompTIA Security+ / CySA+
• Certified Ethical Hacker (CEH)
• GIAC (GSEC, GCIA, GCIH)
• CISSP (for senior roles)
• Microsoft Security Certifications (e.g., SC-200, SC-300)
• Cisco CyberOps / CCNA Security
• Cloud Security Certifications- (AWS, Alibaba, Azure)

3–5+ years of experience in:

• IT Infrastructure Security
• Security Operations Center (SOC)
• Cybersecurity engineering or incident response

Hands-on experience with:

• SIEM
• Endpoint Detection & Response (EDR/XDR) tools CrowdStrike/Kaspersky
• Network security tools (firewalls, IDS/IPS) Sophos, Fortinet, Cisco-Networks, Ruckus Wireless

Proven experience in:

• Incident detection, analysis, and response
• Threat hunting and forensic investigation
• Log analysis and correlation