Security Operations Center Engineer

Infosys•Richardson, TX

4h•Onsite

About The Position

In the assigned Job Role of Technology Consultant 2, your Area Of Responsibility will be as below: ⦁ Contribute to the requirements elicitation process by documenting assigned parts of business requirements, in line with guidance provided ⦁ Facilitate software application design discussions, and document design decisions to guide the technical team towards building software solutions ⦁ Participate in coding and integrate new features or updates into existing applications, with a focus on maintaining system stability ⦁ Conduct code reviews, do changes to the codebase and maintain code repositories ⦁ Implement test strategies, analyse results, and coordinate bug fixes to uphold the software quality standards ⦁ Develop user training programs, documentation, and support frameworks to ensure a smooth transition to new software applications ⦁ Actively participate in resolving production issues and recommend preventive strategies to enhance system reliability ⦁ Maintain detailed records of code, testing techniques, and support activities to enrich the knowledge base and assist other similar projects Your contribution to the team: ⦁ A collaborative spirit and excellent communication skills. ⦁ The ability to handle end to end SDLC phases from requirement gathering to implementation. ⦁ A knack for translating complex requirements into actionable development tasks. ⦁ A passion for design and hands-on coding experience ⦁ A proactive approach to testing, troubleshooting, and refining our applications. ⦁ The ability to work with cross-functional teams and do software integration. Perform in-depth analysis and investigation of security alerts using tools such as CrowdStrike (EDR/NGSIEM), Exabeam (SIEM/UEBA), Wiz, Mimecast, and McAfee Web Gateway Analyze and validate UEBA anomalies and behavioral threats to assess risk and initiate appropriate response actions Support incident response activities for medium- to high-severity incidents, ensuring timely containment and remediation Conduct root cause analysis (RCA) and document findings from security incidents Tune and optimize SIEM rules, detection logic, and alert thresholds to reduce false positives and improve detection accuracy Identify detection gaps and contribute to threat hunting initiatives and use case development Participate in incident bridge calls and coordinate with internal teams during active incidents Collaborate with SOC, Incident Response, Threat Intelligence, Cloud, IAM, and Infrastructure teams Provide clear, concise updates to stakeholders and maintain accurate incident documentation Maintain and update runbooks, playbooks, and knowledge base articles Stay updated on emerging threats and attacker techniques aligned with the MITRE ATT&CK framework Exercise sound judgment in incident escalation and response Communicate effectively with technical teams and business stakeholders

Requirements

Proven experience in SOC operations, Incident Response, or Threat Hunting, Certificate management, Vulnerability management with the ability to independently handle critical incidents
Hands-on experience with: o CrowdStrike (EDR/NGSIEM) o Exabeam (SIEM/UEBA) o Wiz (Cloud Security) o Mimecast o McAfee Web Gateway o Rapid7 Nexpose, Tenable (Vulnerability Management) o Sectigo (Certificate Management)
Strong understanding of the incident response lifecycle, threat detection techniques, and MITRE ATT&CK framework
Experience in log analysis, SIEM query development, and detection/rule tuning
Excellent client communication, reporting, and cross-team collaboration skills (onshore-offshore model)
Strong analytical thinking, ownership mindset, and ability to work under pressure
Flexibility to support on-call requirements as needed
Bachelor’s degree or foreign equivalent required from an accredited institution. Will also consider three years of progressive experience in the specialty in lieu of every year of education.
Candidates authorized to work for any employer in the United States without employer-based visa sponsorship are welcome to apply.

Nice To Haves

A collaborative spirit and excellent communication skills.
The ability to handle end to end SDLC phases from requirement gathering to implementation.
A knack for translating complex requirements into actionable development tasks.
A passion for design and hands-on coding experience
A proactive approach to testing, troubleshooting, and refining our applications.
The ability to work with cross-functional teams and do software integration.

Responsibilities

Contribute to the requirements elicitation process by documenting assigned parts of business requirements, in line with guidance provided
Facilitate software application design discussions, and document design decisions to guide the technical team towards building software solutions
Participate in coding and integrate new features or updates into existing applications, with a focus on maintaining system stability
Conduct code reviews, do changes to the codebase and maintain code repositories
Implement test strategies, analyse results, and coordinate bug fixes to uphold the software quality standards
Develop user training programs, documentation, and support frameworks to ensure a smooth transition to new software applications
Actively participate in resolving production issues and recommend preventive strategies to enhance system reliability
Maintain detailed records of code, testing techniques, and support activities to enrich the knowledge base and assist other similar projects
Perform in-depth analysis and investigation of security alerts using tools such as CrowdStrike (EDR/NGSIEM), Exabeam (SIEM/UEBA), Wiz, Mimecast, and McAfee Web Gateway
Analyze and validate UEBA anomalies and behavioral threats to assess risk and initiate appropriate response actions
Support incident response activities for medium- to high-severity incidents, ensuring timely containment and remediation
Conduct root cause analysis (RCA) and document findings from security incidents
Tune and optimize SIEM rules, detection logic, and alert thresholds to reduce false positives and improve detection accuracy
Identify detection gaps and contribute to threat hunting initiatives and use case development
Participate in incident bridge calls and coordinate with internal teams during active incidents
Collaborate with SOC, Incident Response, Threat Intelligence, Cloud, IAM, and Infrastructure teams
Provide clear, concise updates to stakeholders and maintain accurate incident documentation
Maintain and update runbooks, playbooks, and knowledge base articles
Stay updated on emerging threats and attacker techniques aligned with the MITRE ATT&CK framework
Exercise sound judgment in incident escalation and response
Communicate effectively with technical teams and business stakeholders