Network Security Engineer
Kpmg India Services Llp
Job Description
Associate Director - Managed Services
Educational qualifications
• Graduation degree in any stream or equivalent / post-graduation degree/diploma.
• MBA is a plus
The ideal candidate will:
• Lead the strategic evolution of MDR services, including detection engineering, alert triage optimization, threat hunting, and orchestration-led response.
• Drive operational excellence across Data Security, Endpoint Security, Network Security (including NDR), CASB, and Email Security platforms, ensuring consistent performance, tuning, and governance.
• Integrate multi-domain security telemetry (endpoint, network, identity, cloud, email, data) to enhance detection quality, signal fidelity, and response automation.
• Build and scale managed service capabilities, including onboarding frameworks, platform runbooks, standardized operating procedures, and automated workflows.
• Champion innovation, adopting advanced analytics, AI‑assisted detection, and automation to reduce noise and improve operational efficiency.
• Collaborate effectively with internal and client stakeholders, acting as a trusted advisor for MDR, NDR, and platform operations strategy while leading service reviews and roadmap discussions.
• Lead, mentor, and uplift technical teams, fostering a culture of continuous improvement, skill development, accountability, and high performance.
• Ensure 24x7 operational readiness, driving maturity in incident response, change governance, service reliability, and risk‑based prioritization.
• Influence cross‑functional teams (engineering, sales, architecture, operations) to align services with business goals and client outcomes.
Work experience (13-16 Years)
• Strong background in cybersecurity operations with specialized experience in MDR, SOC management, platform operations, and threat detection.
• Proven experience leading end‑to‑end Managed Detection & Response functions including alert triage, incident analysis, threat hunting, and automation-led response.
• Deep experience managing Network Detection & Response (NDR) platforms including IDS/IPS, behavioral analytics, traffic analysis, packet inspection, and network telemetry integration.
• Hands-on exposure to designing and optimizing NDR use cases, tuning network sensors, improving signal fidelity, and integrating NDR insights with SIEM, EDR, and SOAR pipelines.
• Demonstrated capability in building, scaling, and maturing platform-driven security services across endpoint, network, cloud, data, and email security domains.
• Experience managing 24x7 global operations centers, ensuring service reliability, and governing operational processes such as incident response, change management, and SLA/KPI/OLA compliance.
• Strong experience in stakeholder management, including:
  · Engaging with senior technology leaders, CISOs, and client executives.
  · Facilitating platform reviews, service health checks, and roadmap presentations.
  · Acting as a trusted advisor to internal and external stakeholders on MDR and platform operations strategy.
  · Coordinating with sales, pre-sales, solution architects, engineering, and delivery teams for service design and transitions.
• A track record of driving cross-functional alignment, influencing decision-making, and leading process improvement across distributed teams.
• Prior experience in developing operational excellence frameworks, onboarding models, and continuous improvement initiatives for cyber managed services.
Mandatory Certification Required:
• CISSP or CISM (at least one required).
• Relevant GIAC certifications in SOC, DFIR, or threat hunting.
• Vendor certifications in EDR, CASB, Email Security, or Data Security tools (as per platform stack).
Technical Skills Required:
MDR & Detection Engineering
· Deep expertise in MDR operations including threat detection, incident triage, threat hunting, and automated response workflows.
· Strong understanding of detection content development, correlation logic, behavioral analytics, and adversary TTP mapping using MITRE ATT&CK.
Endpoint Security
· Hands-on knowledge of EDR/XDR tools such as Microsoft Defender, CrowdStrike, SentinelOne, or similar platforms.
· Experience with tuning, configuration governance, and endpoint telemetry enrichment.
Network Detection & Response (NDR)
· Strong working knowledge of NDR platforms, IDS/IPS systems, and network monitoring technologies.
· Ability to interpret network telemetry, packet captures, flow logs, and behavioral network analytics.
· Experience integrating NDR tools with SIEM/SOAR/XDR ecosystems.
Data Security Technologies
· Experience with DLP, DSPM, data classification, insider threat solutions, and related governance controls.
· Capability to design, tune, and operationalize data protection policies.
Cloud / CASB / SASE
· Knowledge of CASB/SASE solutions such as Netskope, Zscaler, Skyhigh, including cloud activity governance, inline/app control, and policy enforcement.
· Understanding of cloud security telemetry and integration.
Email Security
· Proficiency in platforms like Proofpoint, Mimecast, M365 Defender, focusing on phishing defense, sandboxing, and mailflow security analytics.
Automation & Operations
· Experience using SOAR tools for playbook automation, enrichment, and response orchestration.
· Familiarity with ITSM tools (ServiceNow, Jira) and operational KPIs/SLAs related to cyber service delivery.
· Strong understanding of security log management, SIEM pipelines, and multi-platform telemetry ingestion.
Behavioral / team skills
• Strong leadership qualities with the ability to guide multi-skilled technical teams.
• Excellent communication and executive‑level stakeholder management.
• High level of accountability, ownership, and operational discipline.
• Ability to work in high-pressure, 24x7 operational environments.
• Strong problem-solving, analytical thinking, and decision-making abilities.
• Collaborative mindset with the ability to drive cross-functional alignment.
Experience Level
Mid Level
You can expect a minimum salary of 0 INR. The salary offered will depend on your skills, experience and performance in the interview.
The candidate should have completed the required education, and candidates with 13 to 16 years of experience are eligible to apply for this job. You can apply for more jobs in Bengaluru/Bangalore to get hired quickly.
The candidate should have sound communication skills for this job.
Both Male and Female candidates can apply for this job.
No, it's not a work from home job and can't be done online. You can explore and apply for other work from home jobs in Bengaluru/Bangalore at apna.
No work-related deposit needs to be made during your employment with the company.
Go to the apna app and apply for this job. Click on the apply button and call HR directly to schedule your interview.