Secop Engineer

NorthBay - Pakistan


Date: 8 hours ago
City: Karachi
Contract type: Full time
Objectives

The key objectives of this engagement are to:

  • Augment Client’s Security Operations with experienced L1, L2, and L3/L4 resources
  • Ensure uninterrupted 24x7 operational support for infrastructure security platforms
  • Improve turnaround time for BAU security requests and operational tasks
  • Support proactive security operations through structured preventive maintenance
  • Ensure consistent MIS reporting and operational visibility
  • Maintain strict adherence to Client’s governance, compliance, and ITSM processes

Scope of Services

3.1 Service Model & Coverage

  • 24x7 operational coverage, including shift‑based coverage and on‑call support
  • Resources will operate under Client‑defined processes, tools, and controls
  • Vendor will provide staffing, backfill, and continuity of service
  • All operational priorities, approvals, and SLAs are governed by Client

3.2 Team Composition (Total: 10 Resources)

| Role | Quantity | Primary Focus |
|---|---|---|
| L1 Security Analyst | 3 | Triage and fulfill BAU tasks, ticket handling, basic troubleshooting, standard changes, log monitoring and reporting, documentation, and common mailbox monitoring. |
| L2 Security Engineer | 5 | Advanced BAU, troubleshooting, complex changes, RCA, audit evidence etc. |
| L3/L4 Security Engineer | 2 | Engineering, hardening, architecture support, policy review/design, complex troubleshooting, DR support, governance inputs. |

Note: Backfill must be provided for planned and unplanned leave to ensure uninterrupted coverage.

Roles & Responsibilities

4.1 Core BAU Security Operations

Vendor resources shall support Client teams in activities including, but not limited to, the following:

  • Firewall policy and ACL implementation and troubleshooting
  • WAF / IPS / Guardium Management
  • VPN / MFA / token administration
  • Website and proxy whitelisting
  • Blocking indicators of compromise (IoCs)
  • Endpoint security administration (AV, EDR, DLP)
  • Security mailbox and queue monitoring
  • Configuration management for in‑scope security technologies
  • Support for audit, compliance, and evidence preparation
  • Participation in disaster recovery drills and readiness activities
  • Impact and root cause analysis
  • Adherence to standards and change management policies
  • Audit, security and regulatory compliance knowledge
  • Configuration management
  • Supporting BAU tasks
  • Daily backup & log monitoring
  • DR activities support
  • Preparing SOPs
  • Firewall rule review & audit support
  • Device baseline/hardening & vulnerability remediation coordination
  • Adherence to ITSM processes (Incident, Change, Problem) & SLAs

Requirements

4.2 MIS Reporting (Mandatory Responsibility)

The vendor is responsible for producing accurate, timely, and complete MIS reports, aligned to Client formats and requirements. Reports include, but are not limited to:

  • Ticket volumes and status
  • BAU request metrics (ACLs, tokens, whitelisting, endpoint actions)
  • Preventive maintenance execution status
  • Risks, issues, and dependency tracking
  • Operational trends and observations

Qualifications

Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Experience

L3/L4: 10+ years of experience in IT security operations.

L2: 7-10 years of experience in IT security operations.

L1: Minimum of 3 years of experience in IT security operations.

Certifications: Relevant industry standard certifications such as CompTIA Security+, CheckPoint, Palo Alto, WAF etc.

Skills

Strong knowledge of IT security operations practices.

Proficiency in security solutions mentioned in Tech Stack.

Excellent problem-solving and analytical skills.

Strong communication and interpersonal skills.

Preventive Maintenance Responsibilities

Vendor resources shall execute preventive maintenance activities under Client direction, with clear documentation and reporting.

5.1 Daily Activities
5.2 Weekly Activities
5.3 Bi‑Weekly Activities
5.4 Monthly Activities
5.5 Quarterly Activities
5.6 Annual Activities

  • Health checks for in‑scope security platforms
  • Log and alert monitoring
  • Backup verification checks
  • Queue and mailbox monitoring
  • Daily operational checklist updates
  • Review of firewall rules and recent changes
  • Patch and signature status validation
  • Capacity and performance checks
  • Weekly MIS and operational summary
  • Configuration drift checks
  • Review of recurring incidents and BAU trends
  • Validation of backup success and restore readiness
  • Preventive maintenance execution report
  • Firewall, endpoint, and security platform posture review
  • SLA and operational metrics reporting
  • Audit and compliance evidence preparation
  • Security posture and hardening progress review
  • Firewall and policy optimization review
  • Trend analysis and improvement recommendations
  • Participation in quarterly governance reviews
  • Annual disaster recovery exercise support
  • Annual backup and restore validation
  • Security baseline and hardening review
  • Support for internal and external audits

Technology Environment (Indicative)

Vendor resources must have hands‑on experience with technologies including, but not limited to:

  • Firewalls: Check Point, Palo Alto, Fortinet
  • Proxy / Web Security: Forcepoint, Zscaler
  • WAF / IPS / Guardium / DDOS
  • Endpoint Security: Trellix / McAfee, EDR, DLP
  • IPS / NGFW IPS platforms
  • Identity & Access: MFA / VPN token solutions
  • ITSM: BMC Helix (or equivalent)
