System Engineer

PhonePe

Scroll down to apply

Bengaluru, India (On-site)1 – 3 Years1 month ago

RoleSystem Engineer (Cybersecurity Operations)

LocationBengaluru, India (On-site)

Experience1 – 3 Years

QualificationB.E / B.Tech / B.Sc in CS, IT, or Cybersecurity

Job Description

As a System Engineer at PhonePe, you will manage our proactive defense posture by acting as the primary monitor for technical vulnerabilities. You will utilize the Wazuh-ELK stack to detect threats and manage the full remediation lifecycle—from scanning and deployment to final patch validation across our server fleet. This role sits at the intersection of data analysis, security monitoring, and systems administration.
You will be responsible for ensuring infrastructure compliance with CIS Benchmarks and preparing audit evidence for high-level standards like ISO 27001 or ReBIT . Using tools like Wireshark and Tcpdump, you will perform packet analysis to identify malicious patterns. Additionally, you will automate repetitive security tasks using Python, PowerShell, or Bash to enhance our operational efficiency and response speed.

Monitoring & Detection: Use Wazuh and ELK Stack to analyze logs and system behavior.
Vulnerability Management: Execute the full lifecycle of scanning, deployment, and validation.
Compliance: Perform Drift Monitoring to ensure systems align with CIS Benchmarks.
Network Security: Conduct packet analysis using Wireshark to identify traffic patterns.
Endpoint Mastery: Manage AD, GPOs, and EDR tools (CrowdStrike/SentinelOne).
Cloud Security: Implement the “Principle of Least Privilege” within IAM frameworks.
Automation: Modify and write scripts in Python/Bash for log analysis and API integrations.
Reporting: Generate evidence for high-level technical and legal audits.

Education: Bachelor’s degree in CS, IT, Cybersecurity, or a related technical field.
Security Tools: Proficiency in SIEM (ELK/Splunk), Nessus, and EDR/AV management.
OS Knowledge: Deep understanding of Windows (Active Directory) and Linux (CLI, grep, awk).
Networking: Expert knowledge of the OSI model, HTTP/S, DNS, and SMB protocols.
Scripting: Ability to read and modify Python, PowerShell, or Bash code.
Frameworks: Familiarity with the MITRE ATT&CK framework for threat intelligence.
Certifications (Plus): CEH, Security+, or CCNA Security.

Note: This job is posted on external sites. Joblit shares the listing for convenience and does not take responsibility for third-party content.