Security Engineer - II (Cyber Defense)

Upstox

  • Mumbai, Maharashtra; Bangalore, Karnataka
  • Permanent
  • Full-time
  • 22 days ago
About the company

Upstox is one of India's leading Fin-Tech companies with a mission to simplify trading & investing to make it easily accessible to the masses. We aim to enable everyone, from new investors to seasoned traders, to invest across multiple categories with our state-of-the-art trade & investment platform and commission-free pricing. We offer numerous asset categories to invest in, like Stocks, Digital Gold, IPOs, Mutual Funds, and more.

Our mission is simple - to break down the complexities of investing and make it more effortless, accessible, affordable, and easy for the masses to adopt. This key principle, when infused with intuitive design and leading-edge technology, will help us empower every Indian to take control of their investments.

Role: Security Engineer - 2 (Cyber Defense)

The role of a Security Engineer is crucial in the realm of cybersecurity as it covers the incident response aspects. A Security Engineer should possess a total of 5 years of experience in cyber security, out of which 3 years of experience should be in SOC (Security Operations Center) or Incident Response, and a minimum of 2 years of experience as a lead investigator in Incident Response.

As a Security Engineer, the responsibilities will primarily involve collaborating with internal and external stakeholders to respond to incidents and collect digital evidence related to them. The ability to perform triaging, analysis & reporting, and RCA (Root Cause Analysis) of incidents is also an integral part of the job.

In this role, the Security Engineer must possess exceptional communication skills and be able to articulate complex technical information in a clear and concise manner to stakeholders at various levels of the organization. Furthermore, the ability to identify and recommend process improvements, implement mitigation strategies, and provide ongoing support to ensure a proactive approach to incident management is essential.

What you'll do:

  • Investigate, document, and report on information security issues and emerging threats, utilizing threat intelligence and industry best practices.
  • Provide Incident Response (IR) support when analysis confirms an actionable incident, including isolating affected systems, collecting and analyzing triage/logs, containing the incident, and providing a remediation strategy.
  • Gather information from various threat intel sources and initiate remediation steps to neutralize the risk to the organization.
  • Monitor and analyze logs and alerts from a variety of different technologies across multiple platforms to identify and triage security incidents affecting the enterprise.
  • Perform threat hunting and in-depth investigations, providing support for incidents escalated from SOC.
  • Define and document playbooks, standard operating procedures, and processes to streamline incident response and ensure consistency across the organization.
  • Document the results of cyber threat analysis effectively and prepare comprehensive hand-off and/or escalation for the Incident Response process.
  • Utilize security tools and technologies to analyze potential threats to determine impact, scope, and recovery.
  • Collaborate with internal and external stakeholders, including key business units, to make recommendations on mitigation and prevention techniques.
  • Conduct a detailed analysis of various security-related events like Phishing, Malware, DoS/DDoS, Application-specific Attacks, Ransomware, etc.
  • Research and explore the enrichment and correlation of existing data sets to provide deep threat analysis.
  • Contribute to and/or drive special projects by providing expertise, guidance, and leadership in the area of information security.

What you'll need:

  • Technical expertise in the organization's applications, systems, networks, and infrastructure, including a deep understanding of highly scalable enterprise network technologies and architectures.
  • Strong knowledge of logging mechanisms on Windows, Linux, and macOS platforms, as well as networking protocols.
  • Proficiency with several security tools and technologies, such as EDR, Anti-Virus, HIPS, NIDS/NIPS, log analysis, full packet capture, network-based forensics, and encryption.
  • Advanced certifications, such as SANS GIAC / GCIA / GCIH, CISSP, or CASP, and experience with incident response-specific training and certification is highly desirable.
  • At least 2 years of experience as a lead investigator and 3 years of experience as an analyst in incident response or SOC.
  • Expertise in creating and executing incident response playbooks (IRP).
  • Excellent understanding of defensive security strategies and tactics.
  • Strong scripting skills for automation.
  • Effective communication skills to coordinate with various stakeholders across the organization.

If you fit the above description, we would love to connect with you!

A basic requirement but one that many forget: Make sure you go through , and give us feedback!

Upstox is an Equal Opportunity Employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or other characteristics.
