At Critical Start, we re on a mission to make everyone a valued member of a winning team, united by an inspiring purpose: shaping the future of cybersecurity. Since 2012, we ve been dedicated to safeguarding organizations from cyberattacks, preparing for evolving threats, and earning recognition for our innovative contributions to the industry.
We thrive in an agile, collaborative environment that fosters creativity and action. At Critical Start, innovation drives everything we do. We pioneered the first MOBILESOC app for on-the-go threat detection and response, automated alert resolutions to maximize efficiency, and cut alert investigation time by 99.3% - transforming the way cybersecurity teams work. Our team and customers genuinely value the impact we make every day.
Want to hear more from our team? Watch this video to gain insights into life at Critical Start or check out our Glassdoor reviews for an inside look.
- A chance to make an impact every day whether protecting customers or contributing to a greater mission.
- Collaboration with talented, supportive teammates who value accountability and growth.
- A commitment to continuous improvement, striving for excellence, and breaking past mediocrity.
- A culture of learning, innovation, and inclusivity, where every idea matters.
- Recognition for being at the forefront of the industry we ve received accolades that prove we re doing something right.
- A supportive environment where you belong and your contributions truly matter, as one team member put it:
Every day presents new challenges and opportunities for growth, and the culture is unlike any other.
Who You Are
We are looking for a Security Engineer III to join the Critical Start Technologies Private Ltd. team, operating under the Critical Start umbrella, supporting our India operations. This is an exciting opportunity for a skilled security professional with 5 8 years of hands-on experience in security engineering, threat detection, and investigation. We are looking for a curious, technically adept individual who thrives in a fast-paced, high-impact environment. You bring deep technical expertise, a proactive mindset, and a passion for solving complex security challenges using industry-leading tools and frameworks.
The ideal candidate is a driven and resourceful security professional who thrives on diving deep into threat activity whether it s analyzing port scans or crafting custom detection queries. With a strong understanding of the MITRE ATT&CK framework, you re capable of building your own detection content and conducting investigations independently, without relying solely on predefined rules. You take initiative, enjoy improving processes, and excel in autonomous, project-based environments. Your analytical mindset, technical curiosity, and collaborative spirit enable you to contribute meaningfully to both team goals and larger security objectives.
What You Will Be Doing?
- Investigate and validate alerts generated by industry-standard EDR and SIEM platforms, ensuring data quality and investigative clarity for our Security Operations Center (SOC).
- Proactively identify opportunities to improve alert fidelity through detection tuning, custom rule development, and the creation of IOCs and IOAs.
- Author and maintain clear, user-centric investigation procedures to guide SOC analysts and drive consistency in alert handling.
- Collaborate cross-functionally with Engineering and Product teams to enhance security tools and improve platform efficacy.
- Conduct periodic quality assurance checks on alerts especially during platform updates or vendor API changes to maintain actionable fidelity.
- Design, write, and translate threat detection content across tools including but not limited to Splunk, Microsoft Sentinel, Devo, Microsoft 365 Defender, Palo Alto Cortex XDR, CrowdStrike, and SentinelOne.
- Lead internal knowledge-sharing sessions and mentor junior team members to foster a culture of collaboration and continuous learning.
- Operate effectively in a global, agile team spanning multiple time zones, balancing independence with team collaboration.
What You Will Bring?
Required Qualifications: - 5+ years of experience in cybersecurity with a focus on threat detection, security engineering, or incident investigation.
- Hands-on experience with multiple EDR and SIEM tools such as Splunk, Microsoft Sentinel, Devo, Microsoft 365 Defender, Palo Alto Cortex XDR, CrowdStrike, SentinelOne, Carbon Black, or Cylance.
- Proficiency in one or more query languages (e.g., SPL, KQL, Sumo Logic).
- Experience building use cases for SIEM platforms and a solid grasp of log source types including firewalls, operating systems, and proxies.
- Strong verbal and written communication skills with the ability to convey complex concepts to both technical and non-technical stakeholders.
- Ability to work independently while effectively collaborating with distributed teams.
- Familiarity with tools like GitHub, Jira, and Confluence.
Preferred Qualifications: - Professional certifications such as OSCP, CISSP, or equivalent.
- Experience creating parsers or custom log processing logic.
- Exposure to agile development environments and DevSecOps culture.
What Its Like Working Here
Imagine a dynamic, enjoyable, and rewarding work environment. We are professionals, and the work we do holds immense significance, like saving our customers from potential disasters. However, we believe in not taking ourselves too seriously.
Prefer a casual dress code every day? No problem, as we find comfort enhances our thinking.
What does our Compensation and Benefits package entail?
- Competitive salary
- Statuary PTO (Paid Time Off) policy
- Depending on the role, you may work in the office, remotely, or adopt a hybrid work model.
This policy encompasses all aspects of employment, including recruitment, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
Mental and Physical Requirements
Its important to note that specific physical and mental requirements may vary depending on the nature of the office job, organization, and individual responsibilities.
Physical:
- Stationary position for extended periods of time.
- Constantly operate a computer.
- Occasionally you may be required to move equipment or other items up to 20 lbs.
- The ability to communicate information and ideas so others will understand. Must be able to exchange accurate information in these situations.
Mental:
- Must be able to apply established protocols in a timely manner.
- Make timely decisions in the context of workflow.
- Ability to complete tasks and perform in situations requiring speed deadlines, or productivity quota.
- Ability to work effectively and efficiently in high stress situations.
- Ability to simultaneously address multiple complex problems.
How to Apply:
Interested candidates are invited to visit our career site and apply for the position: https: / / www.criticalstart.com / careers /
#LI-CV1
