Posted 18 June, 2026

Senior Security Engineer

GRIDsentry
Faridabad, HR, IN Full Time
Reference: 2812fc740833afb5

Job Description

About Us -
GRIDsentry is a cybersecurity system integrator specializing in securing power‑grid and digital‑substation infrastructure. We design, integrate, and manage end‑to‑end OT and critical‑infrastructure security solutions for utilities and grid operators. You will work on cutting‑edge technologies like AI‑based intrusion detection, deception systems, and Security Information Management for the grid.

Joining GRIDsentry offers exposure to mission‑critical infrastructure projects and rapid professional growth in a niche, high‑impact domain. It is an ideal place for those who want to build expertise in OT and power‑grid cybersecurity while shaping next‑generation security architectures.

Work location - Manesar, Haryana.

Job Description -
The Applications Engineer – SIEM is responsible for the deployment, configuration, integration, and operational management of the SIEM platform within the OT cybersecurity environment across substations and control centres. The role ensures centralized log collection, correlation, threat detection, and security monitoring aligned with SOC operations.

The engineer plays a key role in enabling real-time visibility, incident detection, and compliance monitoring by integrating diverse OT and IT data sources into the SIEM platform and developing actionable security intelligence.

Key Responsibilities -

SIEM Deployment & Configuration
• Install, configure, and maintain the SIEM platform in line with project architecture.
• Configure system components including collectors, forwarders, storage, and processing nodes.
• Ensure high availability, scalability, and performance of the SIEM infrastructure.

Log Integration & Data Onboarding
• Integrate log sources from:
  • Substation systems and OT devices
  • Network devices (firewalls, switches, routers)
  • Servers and operating systems
  • Security tools (IDS, endpoint security, etc.)
• Normalize, parse, and validate logs for accurate ingestion and analysis.

Correlation & Use Case Development
• Develop and fine-tune correlation rules, use cases, and alerting mechanisms.
• Configure dashboards and reports for SOC operations and management visibility.
• Implement use cases aligned with OT cybersecurity threats and compliance requirements.

Monitoring & Incident Support
• Support SOC operations by monitoring alerts and assisting in incident detection and analysis.
• Investigate anomalies and escalate security incidents as per defined procedures.
• Optimize alert thresholds to reduce false positives and improve detection accuracy.

Integration & Interoperability
• Integrate SIEM with other cybersecurity systems including:
  • IDS / IPS
  • Endpoint Security (EDR, HIPS)
  • Vulnerability Management Systems
• Ensure seamless data exchange and interoperability across platforms.

Performance Optimization & Maintenance
• Monitor SIEM performance and implement tuning for efficient resource utilization.
• Perform regular maintenance, updates, and health checks.
• Ensure data retention policies and storage management are maintained.

Compliance & Reporting
• Generate reports for security monitoring, compliance, and audit requirements.
• Ensure SIEM configurations align with project and regulatory compliance standards.
• Maintain documentation related to SIEM configuration and operations.

Experience -
• 5–8 years experience in SIEM deployment, configuration, and SOC operations.
• Experience in multi-source log integration and security monitoring environments.
• Exposure to OT/ICS environments is an added advantage.

Skills -
• SIEM platforms (e.g., Splunk, IBM QRadar, ArcSight, Elastic SIEM)
• Log parsing, normalization, and correlation
• Security event monitoring and analysis
• Use case development and alert tuning
• Basic scripting (Python, Shell) for automation (preferred)
• Understanding of network and endpoint security systems

Qualification -
• B.E / B.Tech in Cybersecurity, Information Technology, Computer Science, or related field.

Certifications (Preferred) -
• SIEM Platform Certifications (Splunk / QRadar / ArcSight)
• CompTIA Security+
• Certified SOC Analyst (CSA)
• CEH (Certified Ethical Hacker)
