Cyber Security Operations Engineer

Operate and deliver our SOC platforms as a managed service to SME clients. Responsible for platform deployment, client onboarding, user training, ongoing operations, and ensuring optimal performance of the SOC system for client environments. Focus on service delivery excellence, client satisfaction.Key ResponsibilitiesAI SOC Platform Deployment & ConfigurationDeploy SOC platform for new client environmentsConfigure platform settings based on client requirements and network architectureSet up log collection agents and data sources in client infrastructureCustomize monitoring parameters and thresholds for client-specific needsIntegrate client\'s existing security tools with SOC platformConduct deployment testing and validation before go-liveDocument client deployment architecture and configurationsClient Onboarding & TrainingLead technical onboarding sessions for new clientsConduct platform training for client IT teams and security personnelCreate and deliver customized training materials and user guidesDemonstrate SOC features, dashboards, and reporting capabilitiesTrain clients on alert review, incident workflows, and response proceduresProvide hands-on workshops for platform usage and best practicesAssess client readiness and provide post-training supportDevelop training documentation and video tutorialsManaged SOC Operations (24/7)Monitor SOC platform alerts and security events for all clientsAnalyze and triage alerts generated by AI detection enginesInvestigate security incidents and perform initial analysisExecute incident response procedures according to client SLACoordinate with clients during active security incidentsEscalate critical incidents to senior analysts or incident response teamDocument all incidents, actions taken, and resolutionsPerform threat hunting using AI-powered analytics toolsClient Support & Service ManagementServe as primary technical contact for assigned clientsRespond to client inquiries via ticketing system, email, and phoneTroubleshoot client issues related to platform usage and operationsProvide technical guidance on security alerts and recommendationsManage client requests for configuration changes or customizationsEnsure timely resolution of client issues within SLA parametersConduct regular client check-ins and service review meetingsGather client feedback for service improvementReporting & CommunicationGenerate and deliver scheduled security reports to clients (daily, weekly, monthly)Create executive summaries of security posture and incidentsCustomize reports based on client requirementsPresent findings and recommendations in client review meetingsCommunicate security trends and threat intelligence insightsProvide metrics on platform performance and detection effectivenessDocument lessons learned and improvement recommendationsTechnical SkillsSecurity KnowledgeStrong understanding of cyber threats, attack techniques, and TTPsKnowledge of MITRE ATT&CK FrameworkLog analysis and security event correlationIncident response procedures and methodologiesNetwork protocol analysis (TCP/IP, DNS, HTTP/HTTPS)Endpoint security and malware analysis basicsUnderstanding of vulnerability managementFamiliarity with compliance frameworks (ISO 27001, NIST, PCI DSS)Platform & ToolsExperience with SIEM platforms (Splunk, QRadar, Sentinel, or similar)Understanding of AI/ML concepts in cybersecurity (basic level)Familiarity with EDR/XDR solutionsExperience with ticketing systems (ServiceNow, Jira, Zendesk)Proficiency with security dashboards and reporting toolsBasic scripting knowledge (Python, PowerShell - advantage)Windows and Linux operating systems administrationClient Service SkillsExcellent troubleshooting and problem-solving abilitiesExperience with remote support toolsAbility to explain technical concepts to non-technical audiencesCustomer service orientation and professionalismTime management and prioritization skillsQualificationsEducation & ExperienceBachelor\'s degree in Information Security, Computer Science, IT, or related field2-4 years of experience in SOC operations, security monitoring, or cybersecurityExperience with SIEM platforms and security monitoring toolsUnderstanding of network security, endpoint security, and common attack vectorsExperience in customer-facing technical roles or managed servicesStrong understanding of security operations workflows and incident responsePreferred CertificationsCompTIA Security+, CySA+Certified Ethical Hacker (CEH)GIAC Security Essentials (GSEC)GIAC Certified Incident Handler (GCIH)Certified SOC Analyst (CSA)ITIL Foundation (for service management)#J-18808-Ljbffr