SOC Engineer Tier 1

Job Title: SOC Engineer, Tier 1

Location: Pakistan Remote

Position Overview:

As a SOC Engineer, Tier 1, you will be responsible for design, build, and optimize the overall architecture of the Security Operations Center (SOC) to ensure effective monitoring, detection, and response capabilities, as well as tuning security use cases and creating dashboards for monitoring and reporting. You will be responsible for developing strategies, frameworks, and security use cases, as well as aligning the SOC infrastructure with business needs and compliance requirements. responsible for monitoring, detecting, and responding to cybersecurity threats and incidents. You will work within the Security Operations Center (SOC) and collaborate with other team members to protect critical systems and data.

Key Responsibilities:

• Incident Monitoring & Detection (24x7)
• Incident Response
• SOC Architecture Design & Optimization
• Use Case Development & Tuning
• Playbook & Runbook Development
• Threat Intelligence & Vulnerability Management
• Dashboards & Reporting
• Collaboration: Work with internal and external stakeholders for incident escalation, resolution, and communication.

Technical Skills & Tools:

• Hands on experience with SIEM platforms (e.g., Splunk, IBM QRadar or similar)
• Hands on experience of network security monitoring tools and intrusion detection systems (IDS/IPS).
• Deep understanding of network protocols, IDS/IPS systems, logs, and packet analysis.
• Cisco XDR, CrowdStrike, Microsoft Defender, Expel and ServiceNow.
• Hands on experience in security analysis and malware analysis.
• Hands on experience with CISCO Secure Endpoint, Secure Cloud Analytics, Cisco CSW.
• Hands on experience with scripting for automation (Python, PowerShell, etc.)

Preferred Experience:
Candidates with experience in the following technologies and platforms will be preferred:

• CISCO CSW
• CISCO XDR
• CISCO Secure Endpoint
• CrowdStrike
• ServiceNow
• Microsoft Defender
• CISCO Secure Cloud Analytics
• Expel
• Tenable Vulnerability Manager

Required Certifications:

Preferred Certifications (not mandatory but advantageous):

• CISA (Certified Information Security Auditor)
• GCIH (GIAC Certified Incident Handler)
• eCIR (Certified Incident Responder)
• eCTHPv2 (Certified Threat Hunting Professional)
• OSDA (Offensive Security Defense Analyst)

ATSG is an equal opportunity employer.