Cyber Security Engineer

About the role

iFalcon Consultancy Services is seeking a Cyber Security Engineer to strengthen enterprise security operations across multiple customer environments. The role focuses on implementing SIEM and SOAR solutions, handling incident detection and response, and contributing to broader cybersecurity projects.

Key responsibilities

• Deploy and configure SIEM/SOAR platforms such as Splunk, QRadar, or Microsoft Sentinel.
• Investigate security incidents, perform triage, analysis, escalation and coordinate response actions.
• Design, fine‑tune and maintain correlation rules, use cases and dashboards.
• Onboard, parse and normalize logs from Windows Event, Syslog, firewalls, EDR/XDR, proxy, web and cloud sources.
• Develop detection use cases based on the MITRE ATT&CK framework and reduce false‑positive alerts.
• Automate response workflows using SOAR playbooks and create incident reports and root‑cause analyses.
• Collaborate with internal teams and clients during security events and participate in assessments, UAT and handovers.
• Support enterprise security projects and managed security services.

Required profile

• Bachelor’s degree in Computer Science, IT, Cybersecurity, Electronics or a related field.
• 2‑5 years of hands‑on experience with SIEM/SOAR implementation, incident detection & response and security monitoring.
• Experience in enterprise environments and familiarity with security tools.
• Relevant certifications such as Splunk, Microsoft SC‑200, IBM QRadar, CEH, Security+ or CySA+ are a plus.

Required skills

• SIEM platforms: Splunk Enterprise, Splunk Enterprise Security, IBM QRadar, ArcSight, Microsoft Sentinel, FortiSIEM.
• SOAR platforms: Cortex XSOAR, FortiSOAR, Splunk SOAR, Microsoft Sentinel.
• Knowledge of MITRE ATT&CK, IOC/IOA detection, use‑case creation and risk‑based alerting.
• Log sources: Windows Event Logs, Syslog, firewall logs, EDR/XDR logs, proxy/web security logs, cloud security logs.
• Basic scripting: Python, PowerShell, Bash.
• Understanding of networking, DNS, Active Directory, Linux and Windows operating systems.
• Familiarity with cloud security platforms such as Azure and Microsoft Defender.