Associate Cybersecurity Engineer, Managed Security Services @ Critical Start

We are searching for a dedicated and proficient Associate Cybersecurity Engineer to join the Critical Start Technologies Private Ltd. team, operating under the Critical Start umbrella, for our India operations. The perfect candidate should have extensive knowledge of Security Information and Event Management (SIEM) tools, including Microsoft Sentinel, Splunk, and Sumo Logic.

They should also be we'll-versed in Endpoint Detection and Response/Extended Detection and Response (EDR/XDR) integrations like SentinelOne, Defender for Endpoint/Server, CrowdStrike, and Palo Alto Cortex XDR. As an Associate Cybersecurity Engineer, you will have a vital role in providing managed security services to our clients, guaranteeing the smooth operation of their security infrastructure.

• Skills Maintenance: Keep your industry knowledge up-to-date by maintaining deep expertise in SIEM tools and EDR/XDR products.
• Client Interaction: Deliver our managed services to clients efficiently, working on project-based tasks related to SIEM and EDR/XDR technologies. Collaborate closely with clients to address technical issues, provide value reports, and configure their systems effectively.
• Technical Guidance: Offer technical guidance, expertise, and configuration support to clients, helping them maintain strong and efficient SIEM and Endpoint security programs.
• Best Practices: Assist clients in implementing best practices for deploying and configuring endpoint agents, endpoint security policies, log forwarders, data sources, content, and alerts.
• Security Enhancement: Assist clients in enhancing the security of their SIEM and Endpoint products, ensuring alignment with industry standards and our program offerings.
• Issue Resolution: Troubleshoot problems related to data source interactions with SIEM technologies and API connections between supported security integrations and our platform (CORR).
• Automation Opportunities: Identify chances to automate parts of SIEM and Endpoint engineering tasks to improve efficiency and accuracy.
• Documentation Management: Create and update extensive security documentation, encompassing playbooks, standard operating procedures, and training materials.
• Ongoing Education: Keep abreast of the latest security threats and trends, integrating this knowledge into our security solutions. Attain and maintain relevant security certifications.
• Collaborative Teamwork: Work closely with fellow cybersecurity engineers, product managers, and architects to devise and implement innovative security solutions that offer the highest level of protection for our clients.

Required Qualifications:

• Bachelors degree in Computer Science, Cybersecurity, Information Technology, or an equivalent field, or equivalent experience and industry certifications.
• 2+ years of experience with SIEM tools (Splunk, Microsoft Sentinel, Sumo Logic, or Devo).
• Familiarity with various security data sources, log formats, and ingestion methods.
• Experience in creating SIEM content, including alerts, reports, and dashboards.
• Excellent communication and customer service skills.
• Ability to establish rapport and trust with customers, even in discussions about complex technical issues.
• Proficient in troubleshooting technical issues related to security products.

Desired Qualifications:

• 1+ years of experience with any EDR/XDR solution.
• 3+ years of experience with Cloud Technologies (Azure, AWS, or GCP).
• Experience deploying security solutions in an MSSP environment is a plus.
• Experience with DevOps tools is a plus (Terraform, Ansible, Puppet, Salt Stack, etc).
• Scripting abilities in Bash, PowerShell, Python, or other programming/scripting languages.

Imagine a dynamic, enjoyable, and rewarding work environment. We are professionals, and the work we do holds immense significance, like saving our customers from potential disasters. Howe'ver, we believe in not taking ourselves too seriously.

Prefer a casual dress code every day? No problem, as we find comfort enhances our thinking.

What does our Compensation and Benefits package entail?

• Competitive salary with bonus potential
• Flexible PTO (Paid Time Off) policy
• Depending on the role, you may work in the office, remotely, or adopt a hybrid work model.
• And a new Tesla... just kidding! Kudos for making it to the end.

Mental and Physical Requirements

Its important to note that specific physical and mental requirements may vary depending on the nature of the office job, organization, and individual responsibilities.

Physical:

• Stationary position for extended periods of time.
• Constantly operate a computer.
• Occasionally you may be required to move equipment or other items up to 20 lbs.
• The ability to communicate information and ideas so others will understand. Must be able to exchange accurate information in these situations.

Mental:

• Must be able to apply established protocols in a timely manner.
• Make timely decisions in the context of workflow.
• Ability to complete tasks and perform in situations requiring speed deadlines, or productivity quota.
• Ability to work effectively and efficiently in high stress situations.
• Ability to simultaneously address multiple complex problems.