Job Description
            
<p><b>Job Title :</b> SOC SR Software Engineer<br/><br/><b>Location :</b> Hyderabad, India<br/><br/><b>Department :</b> Perimeter Security Operations Center (PSOC)<br/><br/><b>About the Role :</b></p>
<p>We are seeking a SOC SR Software Engineer who will design, build, and implement security solutions for our newly established Security Operations Center.<br/><br/>As an integral member of our engineering team, you'll develop tools, automation, and infrastructure that support SOC analysts in detecting, analyzing, and mitigating perimeter security threats.<br/><br/>You'll focus on building solutions that strengthen incident response capabilities, streamline operations, and provide insight into threats through data visualization and reporting.</p>
<p><b>Key Responsibilities :</b><br/><br/>
- Tool Development and Automation: Design and develop automation solutions that improve SOC efficiency, with a focus on Content Delivery Networks (CDNs), Web Application Firewalls (WAFs), and Splunk integrations.<br/><br/>
- Build tools that enable analysts to detect, investigate, and respond to incidents faster and with greater accuracy.<br/><br/>
- Threat Detection and Mitigation Solutions: Create detection algorithms and response playbooks for incidents stemming from bot traffic, scanners, malicious actors, and anomalies in customer traffic.<br/><br/>
- Implement solutions that prioritize incidents and reduce alert noise while maintaining high accuracy.<br/><br/>
- Access Control and IP Reputation Monitoring: Engineer and maintain systems that manage whitelisting, network access allowances, and client IP reputation monitoring.<br/><br/>
- Ensure access control solutions align with enterprise security standards and respond dynamically to emerging threats.<br/><br/>
- Data Pipeline and Logging Infrastructure: Develop scalable data pipelines and logging systems to centralize threat intelligence, log traffic patterns, and enhance visibility into perimeter security metrics.<br/><br/>
- Enable SOC analysts to draw insights from high-quality data sources.<br/><br/>
- Threat Pattern Identification and Visualization: Build tools for anomaly detection, pattern recognition, and data visualization, enabling SOC teams to understand and report on threat patterns, including insights into scanner dynamics and attacker capabilities.<br/><br/>
- Security Controls Monitoring: Engineer solutions that continuously monitor the efficacy of security controls, identify coverage gaps across API endpoints, and adapt to the evolving application landscape.<br/><br/>
- Documentation and Knowledge Sharing: Create comprehensive documentation and playbooks that describe tool functionality, automation workflows, and standard operating procedures for SOC use.<br/><br/>
- Ensure documentation is accessible and maintainable.<br/><br/>
- Executive Reporting Solutions: Build systems that generate executive reports on key metrics, such as mitigation impact, financial savings, session counts affected by mitigation technologies, and availability impact due to traffic anomalies.<br/><br/>
- Collaborative Threat Response: Participate in threat detection exercises, incident analysis, and instrumenting mitigation solutions alongside the operations team.<br/><br/>
- Work hands-on with analysts to refine tools and responses based on live incident insights and threat exercises.</p>
<p><b>Required Skills And Qualifications :</b><br/><br/>
- Automation Expertise: Strong proficiency in automating tasks within CDNs, WAFs, and Splunk.<br/><br/>
- Experience with scripting and programming languages such as Python, Bash, or other languages relevant to automation.<br/><br/>
- Experience in Security Engineering: Background in developing security solutions for incident response, perimeter defense, or SOC environments.<br/><br/>
- Familiarity with threat detection and anomaly analysis.<br/><br/>
- Data Pipeline Management: Experience in building and managing data pipelines, logging frameworks, and data visualization for security analysis.<br/><br/>
- Proficiency with data engineering tools and frameworks is a plus.<br/><br/>
- Strong Analytical Skills: Ability to identify and mitigate security threats with minimal false positives, and an understanding of bot traffic, scanners, and other traffic-based threats.<br/><br/>
- Cross-Functional Collaboration: Effective communication skills, with experience working closely with SOC analysts, incident responders, and engineering teams.<br/><br/>
- Documentation Skills: Proven ability to create clear, accessible, and detailed documentation to support SOC workflows and tooling.</p>
(ref:hirist.tech)