Security Operations Center Engineer

Infosys•Richardson, TX

About The Position

In the assigned Job Role of Technology Consultant 2, your Area Of Responsibility will be as below: ⦁ Contribute to the requirements elicitation process by documenting assigned parts of business requirements, in line with guidance provided ⦁ Facilitate software application design discussions, and document design decisions to guide the technical team towards building software solutions ⦁ Participate in coding and integrate new features or updates into existing applications, with a focus on maintaining system stability ⦁ Conduct code reviews, do changes to the codebase and maintain code repositories ⦁ Implement test strategies, analyse results, and coordinate bug fixes to uphold the software quality standards ⦁ Develop user training programs, documentation, and support frameworks to ensure a smooth transition to new software applications ⦁ Actively participate in resolving production issues and recommend preventive strategies to enhance system reliability ⦁ Maintain detailed records of code, testing techniques, and support activities to enrich the knowledge base and assist other similar projects Your contribution to the team: ⦁ A collaborative spirit and excellent communication skills. ⦁ The ability to handle end to end SDLC phases from requirement gathering to implementation. ⦁ A knack for translating complex requirements into actionable development tasks. ⦁ A passion for design and hands-on coding experience ⦁ A proactive approach to testing, troubleshooting, and refining our applications. ⦁ The ability to work with cross-functional teams and do software integration. This role is suited for a cybersecurity professional who can independently investigate alerts, contribute to threat detection improvements, and effectively collaborate with cross-functional teams. Perform in-depth analysis and investigation of security alerts using CrowdStrike (NGSIEM/EDR), Exabeam (SIEM/UEBA), WIZ, and Proofpoint Analyze and validate UEBA anomalies and behavioral threats to determine risk and drive appropriate response actions Support incident response activities for medium to high severity incidents, ensuring timely containment and remediation Assist in root cause analysis (RCA) and document findings from security incidents Tune and optimize SIEM rules, detection logic, and alert thresholds to reduce false positives and enhance detection accuracy Identify detection gaps and contribute to basic threat hunting and use case development Participate in incident bridge calls and coordinate with internal teams during active incidents Collaborate with SOC, Incident Response, Threat Intelligence, Cloud, IAM, and Infrastructure teams Provide clear and concise updates to stakeholders and maintain accurate incident documentation Maintain and update runbooks, playbooks, and knowledge base articles Stay current on emerging threats and attacker techniques aligned to MITRE ATT&CK framework Demonstrates sound judgment in escalating and responding to incidents Communicates effectively with technical teams and stakeholders

Requirements

Bachelor’s degree or foreign equivalent required from an accredited institution. Will also consider three years of progressive experience in the specialty in lieu of every year of education.
Candidates authorized to work for any employer in the United States without employer-based visa sponsorship are welcome to apply.
A collaborative spirit and excellent communication skills.
The ability to handle end to end SDLC phases from requirement gathering to implementation.
A knack for translating complex requirements into actionable development tasks.
A passion for design and hands-on coding experience
A proactive approach to testing, troubleshooting, and refining our applications.
The ability to work with cross-functional teams and do software integration.
This role is suited for a cybersecurity professional who can independently investigate alerts, contribute to threat detection improvements, and effectively collaborate with cross-functional teams.
Perform in-depth analysis and investigation of security alerts using CrowdStrike (NGSIEM/EDR), Exabeam (SIEM/UEBA), WIZ, and Proofpoint
Analyze and validate UEBA anomalies and behavioral threats to determine risk and drive appropriate response actions
Support incident response activities for medium to high severity incidents, ensuring timely containment and remediation
Assist in root cause analysis (RCA) and document findings from security incidents
Tune and optimize SIEM rules, detection logic, and alert thresholds to reduce false positives and enhance detection accuracy
Identify detection gaps and contribute to basic threat hunting and use case development
Participate in incident bridge calls and coordinate with internal teams during active incidents
Collaborate with SOC, Incident Response, Threat Intelligence, Cloud, IAM, and Infrastructure teams
Provide clear and concise updates to stakeholders and maintain accurate incident documentation
Maintain and update runbooks, playbooks, and knowledge base articles
Stay current on emerging threats and attacker techniques aligned to MITRE ATT&CK framework
Demonstrates sound judgment in escalating and responding to incidents
Communicates effectively with technical teams and stakeholders

Nice To Haves

Analytical and problem-solving skills
Exposure to threat hunting and detection engineering concepts
Experience working in global SOC environments (onshore/offshore model)
Fundamental knowledge of cloud (Azure)

Responsibilities

Contribute to the requirements elicitation process by documenting assigned parts of business requirements, in line with guidance provided
Facilitate software application design discussions, and document design decisions to guide the technical team towards building software solutions
Participate in coding and integrate new features or updates into existing applications, with a focus on maintaining system stability
Conduct code reviews, do changes to the codebase and maintain code repositories
Implement test strategies, analyse results, and coordinate bug fixes to uphold the software quality standards
Develop user training programs, documentation, and support frameworks to ensure a smooth transition to new software applications
Actively participate in resolving production issues and recommend preventive strategies to enhance system reliability
Maintain detailed records of code, testing techniques, and support activities to enrich the knowledge base and assist other similar projects
Perform in-depth analysis and investigation of security alerts using CrowdStrike (NGSIEM/EDR), Exabeam (SIEM/UEBA), WIZ, and Proofpoint
Analyze and validate UEBA anomalies and behavioral threats to determine risk and drive appropriate response actions
Support incident response activities for medium to high severity incidents, ensuring timely containment and remediation
Assist in root cause analysis (RCA) and document findings from security incidents
Tune and optimize SIEM rules, detection logic, and alert thresholds to reduce false positives and enhance detection accuracy
Identify detection gaps and contribute to basic threat hunting and use case development
Participate in incident bridge calls and coordinate with internal teams during active incidents
Collaborate with SOC, Incident Response, Threat Intelligence, Cloud, IAM, and Infrastructure teams
Provide clear and concise updates to stakeholders and maintain accurate incident documentation
Maintain and update runbooks, playbooks, and knowledge base articles
Stay current on emerging threats and attacker techniques aligned to MITRE ATT&CK framework
Demonstrates sound judgment in escalating and responding to incidents
Communicates effectively with technical teams and stakeholders