Job Title: SOC Engineer
Department: Cybersecurity Section
The SOC Engineer plays a critical role in ensuring the organization’s cybersecurity posture is robust and resilient. The position is responsible for monitoring, analyzing, and responding to security events and incidents, maintaining security tools and technologies, and supporting continuous improvements to SOC operations.
- Own and operate the most important security solutions designed to protect the company from cyber threats and attacks.
- Lead in deploying new solutions and technologies to improve the security posture of the company.
- Continuously fine-tune our security solutions to reduce the occurrence of false positive and false negative alerts.
- Act as L3 escalation point in analyzing and responding to security incidents from various security technologies and platforms.
- Perform platform health checks to ensure that our security solutions are operating effectively and efficiently.
- Drive continuous improvement to reduce threat dwell time in our environment through automation, process simplification, and other measures.
- Work closely with the Penetration Test Team, Cyber Hunt Team, Threat Intel, and other internal organizations to achieve the shared vision of improving the company’s cyber security posture.
- Use tools to respond to incidents, and actively improve the cyber security posture of the company.
- Develop the technical skills of the junior SOC analysts in the team to empower them to be more effective and efficient in their roles.
Education and Certifications
- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field.
- Certifications such as CompTIA Security+, CEH, CISSP, or GIAC are highly preferred.
- 4 years of experience in SOC operations, cybersecurity, or a related field.
- Hands-on experience with SIEM tools, IDS/IPS, firewalls, and other security technologies.
- Proven track record in incident detection, analysis, and response.
- Strong understanding of networking protocols and concepts (e.g., TCP/IP, DNS, HTTP).
- Full knowledge of the following tools:
  - NAC Solutions
  - SIEM Solutions
  - EDR Solutions
  - NDR Solutions
  - IAM (Identity and Access Management)
  - PAM (Privileged Access Management)
  - User Behavior Analysis
- Familiarity with forensic tools and methodologies.
- Excellent problem-solving and analytical skills.
- Strong written and verbal communication abilities.
- Ability to work effectively in high-pressure situations.
- Team-oriented mindset with a proactive approach to learning and collaboration.
- Mean time to detect (MTTD) and mean time to respond (MTTR) to incidents.
- Uptime and performance of SOC tools and technologies.
- Accuracy and completeness of incident documentation.
- Contribution to process improvement and automation.
- On-call availability for critical incidents.
- On-site work model based on organizational policies.