A

Security Engineer III

Anaplan · Gurugram, India

~₹35L (est.)6–14 yrs experiencePosted 3 days ago
Apply now →

Job description

At Anaplan, we are a team of innovators focused on optimizing business decision-making through our leading AI-infused scenario planning and analysis platform so our customers can outpace their competition and the market. What unites Anaplanners across teams and geographies is our collective commitment to our customers’ success and to our Winning Culture. Our customers rank among the who’s who in the Fortune 50. Coca-Cola, LinkedIn, Adobe, LVMH and Bayer are just a few of the 2,400+ global companies who rely on our best-in-class platform. Our Winning Culture is the engine that drives our teams of innovators. We champion diversity of thought and ideas, we behave like leaders regardless of title, we are committed to achieving ambitious goals, and we love celebrating our wins – big and small. Supported by operating principles of being strategy-led, values-based and disciplined in execution, you’ll be inspired, connected, developed and rewarded here. Everything that makes you unique is welcome; join us and let’s build what’s next - together! What you’ll be doing: As a Senior Security Engineer embedded within the Security Operations team,you will design, build, and continuously improve the technical capabilities that underpin how we detect, investigate, and respond to threats. You will work at the intersection of engineering and operations — turning security problems into scalable, automated solutions. Your core responsibilities will be to: • SIEM Engineering: Own the engineering of our SIEM platform, includingonboarding and normalizing log sources, building and maintaining,parsers, and ensuring high-fidelity data pipelines that underpin, detection and investigation. Work to continuously improve log coverage,data quality, and platform performance. • Detection Engineering: Design, develop, and maintain a library of high-quality detections using a Detection as Code methodology — managingdetection content through version control, peer review, and automated, testing pipelines. Map detections to the MITRE ATT&CK framework and work to continuously improve coverage, precision, and resilience against evasion. • SOAR & Automation: Build and maintain automated workflows and playbooks using SOAR platforms to streamline alert triage, enrichment, and response. Identify manual and repetitive processes across the security operations lifecycle and engineer solutions that allow the team to operate at scale. • AI-Augmented Security Operations: Explore and operationalize the use of AI and machine learning to enhance security operations capabilities— including alert triage, incident response acceleration, threat intelligence analysis, threat hunting, and the enrichment and prioritization of detection content. Evaluate emerging AI tooling and work to embed it responsibly into team workflows. • Threat Intelligence Integration: Consume and operationalize threat intelligence from internal and external sources, integrating indicators and adversary context into detection logic, SOAR playbooks, and hunting activities. Work with threat intelligence feeds and platforms to ensure actionable intelligence flows into security operations in a timely and structured way. • Threat Hunting: Conduct proactive, hypothesis-driven threat hunts across the environment to identify attacker activity that evades existing detections. Document and share findings in a structured way, using hunt outcomes to directly inform and improve detection engineering and tooling. • Incident Response Support: Provide engineering-level support during security incidents, assisting with investigation, containment, and recovery. Contribute to post-incident reviews and translate lessons learned into improved detections, playbooks, and tooling. What you’ll bring to the role: We are looking for a technically strong security professional with hands-on experience building and operating security capabilities in complex environments. The ideal candidate will possess: • Technical Security Experience: Significant experience in a security engineering, DevSecOps, or equivalent role with a strong background in securing cloud-native environments and modern application stacks. • Detection & Response Skills: Practical experience developing and tuning SIEM detections, writing threat hunting queries, and participating in incident response activities. • SecOps Tooling: Hands-on knowledge of administering and operating core security operations tools, including SIEM platforms (e.g. Splunk, Microsoft Sentinel), EDR/XDR solutions, vulnerability scanners, and ticketing or case management systems. Experience integrating these tools to support detection, investigation, and response workflows. • Threat Intelligence & Threat Hunting: Experience working with threat intelligence platforms and feeds (e.g. MISP, Recorded Future, VirusTotal), and integrating intelligence into security tooling, detection logic, and operational processes. A working knowledge of threat hunting methodologies and the ability to proactively identify indicators of compromise or attacker behavior across the environment is highly desirable. • Scripting & Automation: Proficiency in one or more scripting or programming languages (e.g. Python, Go, Bash) to build security tooling, automate workflows, and integrate security capabilities. • Appli