Senior SOC Engineer

Job Description:

We are seeking a highly skilled Sr SOC Engineer to enhance our cybersecurity response capabilities in a Managed Security operations environment. The ideal candidate will have extensive experience developing and implementing SOC solution internally and as well for clients and candidates who have strong experience in assessing and implementing SOC operational tools and processes. This role demands a hands-on approach to incident response, strong analytical skills, and effective communication with cross-functional teams

Key Responsibilities:

• Continuous optimization of our security solutions to minimize the occurrence of false positive and false negative alerts.
• Serve as the L3 escalation point for the analysis and response to security incidents originating from a variety of security technologies and platforms.
• Conduct platform health tests to ensure that our security solutions are functioning effectively and efficiently.
• Through automation and process simplification, among other methods, promote continuous development to decrease the dwell time of threats in our environment.
• Support the ingestion and analysis of logs from various systems and applications into the SIEM platform to improve incident analysis.
• Work closely with the Penetration Test Team, Cyber Hunt Team, Threat Intel, and other internal organizations to achieve the shared vision of improving the company’s cyber security posture.
• Develop the technical skills of the junior SOC analysts in the team to empower them to be more effective and efficient in their roles.
• Drive continuous improvement of incident response processes and procedures to optimize efficiency and effectiveness.
• Engage in Threat Intelligence and Threat Hunting activities to proactively identify and mitigate emerging security threats.
• Build and maintain relationships with external partners, vendors, and industry peers to keep abreast of emerging threats, best practices, and new technologies.
• Contribute to proof-of-concept assessments of new security products.
• Stay informed about the evolving cybersecurity landscape, including emerging threats and industry standards, to recommend proactive security measures.

Technical Competencies and Experience:

• Malware Analysis – the ability to conduct intricate analyses in order to comprehend the properties and behaviors of malware and to suggest effective mitigation strategies and countermeasures.
• User behavior analysis - the capacity to reconstruct user activities in order to identify patterns of nefarious behavior
• Log Analysis and Correlation, Enterprise Endpoint Security and Email Security
• Network Security (IPS/IDS), Security protocols and Operating Systems (Windows, Unix, Linux) and Cloud Security (AWS, Azure, GCP)
• Preferably with relevant experience on key leading-edge security solutions such as XSIAM, Nexpose, Metaspolit, Proofpoint, R7 Insight IVM, etc.
• Ability to work with diverse groups such as the Cyber Incident Response team (CIRT), Penetration Testing team, etc to mitigate a security threat.
• Strong leadership skills with the ability to interact with key partners including Senior Management, ability to articulate security events in a concise and understandable manner:

• Proven experience (7+ years) in Managed security operations and incident response, preferably in a leading role.
• Bachelor's degree in Computer Science, Information Security, or a related field (Master's degree preferred).
• In-depth knowledge of incident response methodologies and security technologies (SIEM, IDS/IPS, EDR, etc.).
• Strong understanding of TCP/IP protocols, network segmentation, VPNs, and firewall configuration.
• Experience with Threat Intelligence, Threat Hunting, Vulnerability Management, and risk assessment frameworks.
• Expertise in developing and refining SIEM rules, alerts, and correlation logic.
• Ability to manage multiple security incidents in a fast-paced, dynamic environment.
• Exceptional problem-solving and decision-making skills, with a proactive and results-driven mindset.
• Excellent communication skills, capable of discussing complex security issues with both technical and non-technical stakeholders.
• Relevant certifications such as CISSP, CISM, GCIH, GNFA or GIAC are highly desirable.

Qualifications:

• Proven experience (7+ years) in Managed security operations and incident response, preferably in a SOC engineer role.
• Bachelor's degree in Computer Science, Information Security, or a related field (Master's degree preferred).
• Individual is expected to have skills in programming, or scripting languages like Python, Perl, or Ruby
• Relevant certifications such as CISSP, CISM, GCIH, GNFA or GIAC are highly desirable