Principal Cyber Security Engineer (SOC)

About Us

HighRadius, a renowned provider of cloud-based Autonomous Software for the Office of the CFO, has transformed critical financial processes for over 800+ leading companies worldwide. Trusted by prestigious organizations like 3M, Unilever, Anheuser-Busch InBev, Sanofi, Kellogg Company, Danone, Hershey's, and many others, HighRadius optimizes order-to-cash, treasury, and record-to-report processes, earning us back-to-back recognition in Gartner's Magic Quadrant and a prestigious spot in Forbes Cloud 100 List for three consecutive years.

With a remarkable valuation of $3.1B and an impressive annual recurring revenue exceeding $100M, we experience a robust year-over-year growth of 24%. With a global presence spanning 8+ locations and a recent addition in Poland, we're in the pre-IPO stage, poised for rapid growth. We invite passionate and diverse individuals to join us on this exciting path to becoming a publicly traded company and shape our promising future.

Job Title: Principal Cybersecurity Engineer

Location: Hyderabad, Telangana

Team: Security Operations Center (SOC)

Job Summary: We are seeking an experienced and highly skilled Principal Cybersecurity Engineer to serve as the L3 technical expert and Lead for our 24x7 Security Operations Center (SOC). In this critical role, you will be responsible for managing the full lifecycle of security monitoring, incident response, and digital forensics. You will act as the final escalation point for security events, lead major incident response efforts, and mentor a team of talented security analysts.

Key Responsibilities & Business Impact

• Lead 24x7 Security Operations:

• Serve as the technical lead and mentor for a round-the-clock team of L1/L2 SOC/IR analysts, providing guidance, training, and operational oversight.

• Ensure continuous, high-quality security monitoring and rapid threat detection and response to improve MTTD/MTTR factor for all cyber incidents and to reduce the overall security risk for the business.

• Advanced Incident Response (IR):

• Act as the Incident Commander for high-severity security incidents, leading the technical response from detection and containment through eradication and recovery.

• Develop, maintain, and refine incident response playbooks and procedures to ensure efficient and effective handling of threats.

• Digital Forensics & Threat Hunting:

• Conduct deep-dive digital forensic investigations on compromised endpoints, servers, and cloud workloads to determine root cause, attack vectors, and data exfiltration.

• Proactively hunt for advanced threats and Indicators of Compromise (IOCs) across the enterprise using SIEM, EDR, and threat intelligence data.

• Technology & Process Optimization:

• Monitor and optimize the security technology stack, including SIEM, SOAR, EDR, WAF, DLP, CASB and Cloud security platforms, to improve detection capabilities and analyst efficiency.

• Work closely with the Security Engineering team to reduce false positives/alert fatigue and collaborate with the red team to identify opportunities for new alerting rules/thresholds.

• Stakeholder Communication:

• Translate complex technical findings into clear, concise reports and presentations for technical teams, business leaders, and executive management.

• Serve as the primary technical liaison with legal, HR, and other departments during investigations.

• Manage Shift roster of the team and align resources efficiently during weekends and public holidays.

Required Qualifications

Experience:

6-8+ years of progressive experience in cybersecurity (preferably in SOC) 2+ years of direct, hands-on experience in a senior or lead incident response role. Proven experience leading or mentoring a technical team in a high-pressure environment

Technical Expertise:

• Expert-level proficiency with enterprise SIEM platforms (e.g., Splunk, Microsoft Sentinel, Securonix)

• Deep, hands-on experience with EDR/XDR solutions (e.g., CrowdStrike Falcon, SentinelOne, Microsoft Defender for Endpoint).

• Proficiency with malware sandboxes (e.g. Cuckoo Sandbox, Joe Sandbox, Reversing Labs etc.) and memory analysis techniques

• Strong understanding of network protocols, packet analysis (Wireshark), and network forensics (NDR)

• Demonstrated experience in security monitoring and incident response within cloud environments (AWS, Azure, or GCP).

• Experience working with insider theft or data leakage threats as well as able to respond to phishing/spam incidents

Soft Skills & Education:

• Bachelor's degree in Cybersecurity, Computer Science, or a related field

• Ability to remain calm and decisive under pressure during major incidents

• Excellent analytical, problem-solving, and critical-thinking skills

• Superior communication skills, with the ability to articulate complex technical topics to both technical and non-technical audiences

Certifications (Highly Desired):

• One or more of the following certifications are strongly preferred: CISSP, CCSP, OSCP, GCIH, GCFA, Tryhackme or Hackthebox certifications etc.