Security Engineer

Job id - 1121275

Skills
Security Engineer

Job Description

Security Engineer (Information Security)


8+ years of experience in Information Security, Cybersecurity, or a related domain
Preferred industry experience: FinTech, Banking, or IT
Experience: 8+ Years
Industry Preference: FinTech, Banking, IT
Annual CTC: 20-30 LPA


Job Summary

We are seeking an experienced and highly skilled Security Engineer (InfoSec) to manage, implement, and enhance enterprise-wide security controls and cybersecurity initiatives. The ideal candidate will have strong expertise in Microsoft security technologies, endpoint protection, mobility management, data protection, identity and access management, and incident response. The role requires close collaboration with global teams and business stakeholders to ensure a robust security posture across the organization.

Key Responsibilities

Enterprise Security Management

  • Manage enterprise-level security infrastructure, including the creation, implementation, and maintenance of security rules, configurations, and policies across the organization.
  • Monitor and improve the organization's overall security posture through proactive security controls and continuous monitoring.

Endpoint Security & Device Management

  • Administer and manage Microsoft Intune (MDM/MAM) for enterprise mobility and device management.
  • Design, implement, and enforce enterprise mobility management policies and controls.
  • Manage and maintain Microsoft Defender solutions, including Antivirus and Endpoint Protection.
  • Configure and manage Microsoft Defender for Endpoint to enhance endpoint security and threat detection.

EDR/XDR Security Management

  • Administer and manage EDR/XDR solutions such as Wazuh and Microsoft Defender.
  • Create, customize, and maintain non-default/custom detection rules for threat identification and response.
  • Establish security policies, alerts, and automated response mechanisms within EDR/XDR platforms.

Data Loss Prevention (DLP)

  • Design, implement, and manage Data Loss Prevention (DLP) programs.
  • Create, maintain, and monitor DLP rules using solutions such as Digital Guardian and Microsoft DLP technologies.
  • Implement data classification, protection, labeling, and governance controls to prevent unauthorized data exposure.

Identity & Access Management (IAM)

  • Implement and manage Identity and Access Management (IAM) policies and controls.
  • Enforce and administer Two-Factor Authentication (2FA) and Multi-Factor Authentication (MFA) across enterprise applications and systems.
  • Support secure access management and user identity governance initiatives.

Security Assessments & Testing

  • Conduct security assessments, vulnerability reviews, simulations, and security testing activities.
  • Perform phishing simulation exercises using tools such as GoPhish and Microsoft Attack Simulator.
  • Identify security gaps and recommend remediation measures.

Cloud & Virtual Desktop Security

  • Support and manage security controls related to Microsoft Azure Virtual Desktop (AVD/VDI) environments.
  • Ensure secure configuration and compliance of cloud-based infrastructure and virtual desktop environments.

Incident Response & Security Operations

  • Monitor security alerts, investigate incidents, and coordinate remediation activities.
  • Analyze threats, vulnerabilities, and security events to minimize organizational risk.
  • Support incident response processes and post-incident reviews.

Stakeholder & Global Team Collaboration

  • Collaborate with global teams on security-related initiatives, projects, and operational matters.
  • Work closely with business stakeholders to align security controls and policies with organizational requirements.
  • Provide security guidance and recommendations to internal teams and management.

Required Skills & Expertise

Microsoft Security Technologies

  • Strong hands-on experience with:
    • Microsoft 365 Security & Compliance Center
    • Microsoft Intune (MDM/MAM)
    • Microsoft Defender Suite:
      • Microsoft Defender for Endpoint
      • Microsoft Defender for Office 365
      • Microsoft Defender for Cloud Apps

Endpoint & System Security

  • Strong experience securing Windows and Linux environments.
  • Expertise in endpoint security management, configuration, and monitoring.

EDR/XDR Expertise

  • Proven expertise in establishing, configuring, and managing EDR/XDR platforms such as:
    • Wazuh
    • Microsoft Defender
  • Experience creating custom detection rules, threat analytics, alerting mechanisms, and automated security workflows.

Data Loss Prevention (DLP)

  • Hands-on experience with DLP technologies, including:
    • Digital Guardian
    • Microsoft DLP Solutions
  • Experience with data classification, data protection, sensitivity labeling, and compliance controls.
  • Ability to create and manage custom DLP policies and automated workflows.

Security Policy & Automation

  • Proven experience creating custom security rules, policies, and automation across:
    • DLP solutions
    • MDM/MAM platforms
    • EDR/XDR tools
    • Enterprise security platforms

Security Operations

  • Strong understanding of:
    • Incident Response
    • Threat Detection & Monitoring
    • Security Governance
    • Risk Management
    • Security Compliance

Preferred Qualifications

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
  • Industry certifications such as:
    • CISSP
    • CISM
    • CEH
    • Microsoft Security Certifications
    • CompTIA Security+
    • Any relevant Cybersecurity certification

Key Competencies

  • Strong analytical and problem-solving skills
  • Excellent communication and stakeholder management abilities
  • Ability to work effectively with global teams
  • Strong documentation and reporting skills
  • Proactive approach to identifying and mitigating security risks
  • Ability to balance security requirements with business objectives