Engineer-Cybersecurity
Birlasoft · Noida, Uttar Pradesh, India
Birlasoft · Noida, Uttar Pradesh, India
Area(s) of responsibility - Continuously monitor SIEM, EDR, IDS/IPS, firewalls, and log sources for suspicious activity. - Perform initial triage and classification of alerts based on severity, scope, and impact. - Escalate validated incidents to L2 SOC analysts in line with SOC playbooks and escalation matrix. - Verify log ingestion and forwarding from SIEM, EDR, IDS/IPS, and other security platforms. - Identify tool or data gaps and escalate to L2 SOC or security engineering teams. - Maintain accurate and detailed incident records, triage notes, and escalation details. - Document recurring false positives and suggest playbook improvements. - Create and update tickets in the SOC case management system. - Serve as the first point of contact for customer-reported security incidents. - Perform preliminary analysis of suspicious emails, URLs, and attachments. - Follow MSSP and customer-specific SLA-driven escalation workflows. - Review vulnerability scan reports and escalate high-severity findings to L2/security engineers. - Experience in Vulnerability management - Assist in preparing daily/weekly SOC dashboards, reports, and metrics for management and customers.