Principal Cyber Security Engineer; SOC

Position: Principal Cyber Security Engineer (SOC)
Location: Prakāshamnagar

About Us    High Radius, a renowned provider of cloud-based Autonomous Software for the Office of the CFO, has transformed critical financial processes for over 800+ leading companies worldwide. Trusted by prestigious organizations like 3M, Unilever, Anheuser-Busch InBev, Sanofi, Kellogg Company, Danone, Hershey's, and many others, High Radius optimizes order-to-cash, treasury, and record-to-report processes, earning us back-to-back recognition in Gartner's Magic Quadrant and a prestigious spot in Forbes Cloud 100 List for three consecutive years.
With a remarkable valuation of $3.1B and an impressive annual recurring revenue exceeding $100M, we experience a robust year-over-year growth of 24%. With a global presence spanning 8+ locations and a recent addition in Poland, we're in the pre-IPO stage, poised for rapid growth. We invite passionate and diverse individuals to join us on this exciting path to becoming a publicly traded company and shape our promising future.

Job Title:

Principal Cybersecurity Engineer

Location:

Hyderabad, Telangana
Team:  Security Operations Center (SOC)

Job Summary:

We are seeking an experienced and highly skilled Principal Cybersecurity Engineer to serve as the L3 technical expert and Lead for our 24x7 Security Operations Center (SOC). In this critical role, you will be responsible for managing the full lifecycle of security monitoring, incident response, and digital forensics. You will act as the final escalation point for security events, lead major incident response efforts, and mentor a team of talented security analysts.

Key Responsibilities & Business Impact       Lead 24x7 Security Operations:
Serve as the  technical lead  and mentor for a round-the-clock team of L1/L2 SOC/IR analysts, providing guidance, training, and operational oversight.
Ensure continuous, high-quality security monitoring and rapid threat detection and response to improve MTTD/MTTR factor for all cyber incidents and to reduce the overall security risk for the business.
Advanced Incident Response (IR):
Act as the  Incident Commander  for high-severity security incidents, leading the technical response from detection and containment through eradication and recovery.
Develop, maintain, and refine incident response playbooks and procedures to ensure efficient and effective handling of threats.
Digital Forensics & Threat Hunting:
Conduct deep-dive  digital forensic investigations  on compromised endpoints, servers, and cloud workloads to determine root cause, attack vectors, and data exfiltration.
Proactively  hunt for advanced threats  and Indicators of Compromise (IOCs) across the enterprise using SIEM, EDR, and threat intelligence data.
Technology & Process Optimization:
Monitor and optimize the security technology stack, including  SIEM, SOAR, EDR, WAF, DLP, CASB and Cloud security  platforms, to improve detection capabilities and analyst efficiency.
Work closely with the Security Engineering team to reduce false positives/alert fatigue and collaborate with the red team to identify opportunities for new alerting rules/thresholds.
Stakeholder Communication:
Translate complex technical findings into clear, concise reports and presentations for technical teams, business leaders, and executive management.
Serve as the primary technical liaison with legal, HR, and other departments during investigations.
Manage Shift roster of the team and align resources efficiently during weekends and public holidays.

Required Qualifications

Experience:

6-8+ years of progressive experience in cybersecurity (preferably in SOC) 2+ years of direct, hands-on experience in a senior or lead incident response role. Proven experience leading or mentoring a technical team in a high-pressure environment
Technical Expertise:
Expert-level proficiency with enterprise SIEM platforms (e.g., Splunk, Microsoft Sentinel, Securonix)
Deep, hands-on experience with EDR/XDR solutions (e.g., Crowd Strike Falcon, Sentinel One, Microsoft Defender for Endpoint).
Proficiency with malware sandboxes (e.g. Cuckoo Sandbox, Joe Sandbox, Reversing Labs etc.) and memory analysis techniques
Strong understanding of network protocols, packet analysis (Wireshark), and network forensics (NDR)
Demonstrated experience in security monitoring and incident response within cloud environments (AWS, Azure, or GCP).
Experience working with insider theft or data leakage threats as well as able to respond to phishing/spam incidents
Soft Skills &

Education:

Bachelor's degree in Cybersecurity, Computer Science, or a related field
Ability to remain calm and decisive under pressure during major incidents
Excellent analytical, problem-solving, and critical-thinking skills
Superior communication skills, with the ability to articulate complex technical topics to both technical and non-technical audiences
Certifications (Highly Desired):
One or more of the following certifications are strongly preferred: CISSP, CCSP, OSCP, GCIH, GCFA, Tryhackme or Hackthebox certifications etc.