The L2 Cybersecurity Engineer plays a crucial role in safeguarding the company's data and systems. This individual is responsible for day-to-day administration of security infrastructure, monitoring breaches, conducting in-depth incident investigations, and implementing technical solutions to mitigate risks. The role requires a deep understanding of network protocols, security tools, and the ability to work under pressure during security incidents. Responsibilities: Incident Response: Investigate and respond to security incidents and breaches escalated from L1 support, performing root cause analysis to prevent recurrence. Monitoring & Analysis: Monitor and analyze security alerts and events from various sources, including SIEM (Security Information and Event Management) platforms (e.g., QRADAR) and security dashboards. Vulnerability Management: Conduct regular vulnerability assessments and coordinate penetration testing activities to identify weaknesses in systems and networks. Security Infrastructure Management: Implement, configure, troubleshoot, and maintain security technologies such as firewalls (e.g., Palo Alto, Fortigate, Check Point), intrusion detection/prevention systems (IDS/IPS), EDR/AV, CipherTrust (Tokenization Server), HSM, 2FA, PAM, IBM Guradium and Rapid 7. Policy & Documentation: Develop, maintain, and enforce security policies, procedures, and documentation, ensuring compliance with industry standards and regulations. Threat Hunting: Proactively search for hidden threats, malware, and vulnerabilities in the system to enhance detection capabilities. Collaboration & Mentorship: Collaborate with IT, development, and L3 teams to address security issues and implement best practices. May also assist in training and mentoring junior (L1) security staff. Reporting: Prepare detailed reports and documentation of security incidents, analyses, and system status for management and compliance purposes. On-Call Support: May require participation in a 24/7 on-call rotation to address critical incidents and ensure minimal downtime and be onsite if necessary Requirements: Education: Bachelor's degree in Information Security, Computer Science, or a related field, or equivalent work experience. Experience: 3+ years of proven experience in cybersecurity or information security roles, with a focus on L2 support or similar responsibilities. Minimally 1-2 years of experience in supporting mission critical systems with a stringent SLA of 99.9% Technical Proficiency: Strong understanding of security protocols, TCP/IP, network security, operating systems (Linux, Windows), and cloud security concepts. Well-versed in IT Service Management (ITSM) standards, processes, guidelines and best practices is an advantage. Tool Experience: Hands-on experience with security tools such as SIEM, firewalls, vulnerability scanners (e.g., Tenable), and incident response platforms. Certifications (Preferred): Relevant certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), or CISSP are highly valued. Soft Skills: Strong analytical thinking, problem-solving skills, attention to detail, and excellent communication and collaboration skills.