L2 Security Engineer

Company Overview

Details about the company, its industry, and culture are not specified.

Job Summary

We are looking for a skilled and proactive L2 Security Engineer to strengthen our Security Operations team. In this role, you will play a critical part in safeguarding our digital assets by managing security tools, detecting and analyzing threats, and supporting compliance initiatives. This position requires hands-on experience with Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), and vulnerability management, along with a keen understanding of modern threat landscapes.

Responsibilities

• SIEM Operations: Administer and fine-tune the Wazuh SIEM platform for real-time threat detection, log aggregation, and security alert optimization.
• Endpoint Security: Monitor and manage EDR and antivirus platforms to ensure endpoint protection across the enterprise.
• Network Security Oversight: Collaborate with infrastructure and network teams to evaluate and update firewall and Web Application Firewall (WAF) rules in response to threat intelligence and operational needs.
• Threat Detection: Analyze logs from firewalls and WAFs to detect anomalous behavior and potential intrusions.
• Vulnerability Management: Lead coordination of external Vulnerability Assessments and Penetration Testing (VAPT) exercises; ensure prompt remediation and tracking of vulnerabilities.
• Threat Research: Stay informed on emerging threats, vulnerabilities, exploits, and malware campaigns relevant to our environment and technologies.
• Patch Management: Support structured patching cycles to address critical vulnerabilities and verify successful remediation.
• Compliance & Audit Support: Participate in internal audits and compliance reviews; maintain documentation and provide evidence to support audit readiness.
• Security Best Practices: Contribute to the improvement of security policies, procedures, and incident response strategies in line with industry frameworks.

Qualifications

• Experience: 2 - 4 years in cybersecurity or security operations.
• Education: Bachelor's degree in Computer Science, Cybersecurity, or a related technical field.
• Technical Proficiency:
  • In-depth experience with Wazuh or similar SIEM platforms.
  • Strong familiarity with EDR tools and antivirus/malware protection solutions.
  • Competence in analyzing and managing firewall and WAF rules and logs.
  • Demonstrated ability to manage VAPT cycles and track remediation efforts.
  • Understanding of patch management systems and processes.
• Framework Knowledge: Working knowledge of threat intelligence concepts, MITRE ATT&CK, OWASP, NIST, and incident response frameworks.
• Certifications: Preferred certifications include CEH, CompTIA Security+, and CySA+.

Preferred Skills

• Additional relevant certifications or specialized knowledge in threat intelligence.

Experience

• 2 - 4 years of experience in cybersecurity or security operations.

Environment

• Typical work setting, location (remote, in-office, hybrid), and any physical or environmental conditions are not specified.

Salary

• Estimated salary range is not provided.

Growth Opportunities

• Potential career advancement opportunities within the company are not specified.

Benefits

• List of offered benefits is not provided.