Posted on: 20/11/2025
Role : Relevant Experience (Cyber Security Domain) : Minimum 5 Years
Role Objective :
The Cyber Security L2 Engineer will be responsible for the day-to-day operations, administration, and maintenance of enterprise security infrastructure.
The role requires strong hands-on expertise in Imperva Database Activity Monitoring (DAM) and Cisco Email & Web Security (ESA / WSA), along with good operational experience in managing and fine-tuning multiple security technologies. The engineer will also collaborate closely with cross-functional teams.
Key Responsibilities :
Operational & Technical :
- Manage and operate Imperva DAM and Cisco ESA / WSA platforms.
- Perform incident response and investigation, analyze alerts, and coordinate remediation with relevant teams.
- Conduct policy administration and fine-tuning to enhance detection accuracy and reduce false positives.
- Support the implementation and configuration of security controls across domains.
- Perform system health checks for all managed security tools, ensuring continuous availability and performance.
- Manage patching, version upgrades, and platform migrations in collaboration with OEM and infrastructure teams.
- Maintain documentation and operational reports, including incident logs, RCA reports, and audit evidence.
- Collaborate with SOC, Network, and Infrastructure teams for incident correlation and service restoration.
- Ensure adherence to established security frameworks, governance models, and ITIL-based change management policies.
Governance & Compliance :
- Maintain compliance with defined security baselines, standards, and procedures.
- Contribute to vulnerability and risk assessments by providing insights from DAM and ESA/WSA findings.
- Participate in internal and external security audits, ensuring readiness, documentation, and corrective action tracking.
Must-Have Skills :
- Imperva DAM: Administration, policy tuning, agent health checks, reporting, and SIEM integration.
- Cisco WSA / ESA: Policy management, content filtering, anti-spam configuration, SSL decryption, and quarantine management.
- Incident Response & Investigation: L2-level triage, log analysis, and root cause identification.
- Policy Administration & Security Control Implementation.
- Patch, Upgrade, and Version Management.
- Operational Reporting & Documentation.
- Awareness of Security Frameworks (ISO 27001, NIST, Zero Trust, etc.).
- Technical Environment Familiarity: Windows, Linux, VMware, SIEM, Network Security, Firewall, and Routing fundamentals.
Must-Have Certifications :
- CISSP
- Imperva DAM or Database Security Certification (e.g., Imperva Certified Implementation Specialist - CIS-DAM).
- Cisco Certified - CCNP Security (WSA/ESA related).
Good-to-Have Skills :
- Experience with Forcepoint DLP, CyberArk PAM, or Trend Micro Apex One / Deep Security.
- Basic familiarity with OPSWAT MetaDefender, Tenable.io, or F5 ASM/WAF.
Good-to-Have Certifications :
- CompTIA Security+ or CySA+.
- Cisco Security certifications (e.g., CCIE Security).
- ISO 27001: Lead Implementer / Lead Auditor.
Key Attributes :
- Strong analytical, troubleshooting, and communication skills.
- Ability to work independently and collaboratively under pressure.
- Process-driven mindset focused on continuous improvement and automation.
- Documentation-oriented approach aligned with ITIL and audit requirements.
Posted in: CyberSecurity
Functional Area: Cyber Security
Job Code: 1578223