Security Engineer

OverviewJob Title: SOCEngineerDepartment: Cybersecurity SectionJob Summary: The SOC Engineer plays a critical role in ensuring the organization's cybersecurity posture is robust and resilient. The position is responsible for monitoring, analyzing and responding to security events and incidents, maintaining security tools and technologies and supporting continuous improvements to SOC operations.ResponsibilitiesOwn and operate most important security solutions designed to protect the company from cyber threats and attacks.Lead in deploying new solutions and technologies to improve the security posture of the company.Continuous finetuning of our security solutions to reduce the occurrence of false positive and false negative alerts.Act as L3 escalation point in analyzing and responding to security incidents from various security technologies and platforms.Perform platform health checks to ensure that our security solutions are operating effectively and efficiently.Drive continuous improvement to reduce threat dwell time in our environment through automation process simplification among others.Work closely with the Penetration Test Team, Cyber Hunt Team, Threat Intel and other internal organizations to achieve the shared vision of improving the companys cyber security posture.Use tools to respond to incidents and actively improve the cyber security posture of the company.Develop the technical skills of the junior SOC analysts in the team to empower them to be more effective and efficient in their roles.QualificationsEducation and CertificationsBachelors degree in Computer Science, Cybersecurity, Information Technology or a related field.Certifications such as CompTIA Security+, CEH, CISSP or GIAC are highly preferred.Experience4 years of experience in SOC operations, cybersecurity or a related field.Hands-on experience with SIEM tools, IDS/IPS, firewalls and other security technologies.Proven track record in incident detection, analysis and response.Technical SkillsStrong understanding of networking protocols and concepts (e.g. TCP/IP, DNS, HTTP).Full knowledge of the following tools:NAC Solutions.SIEM Solutions.EDR SolutionsNDR SolutionsIAM (Identity and Access Management).PAM (Privileged Access Management).User behavior AnalysisFamiliarity with forensic tools and methodologies.Soft SkillsExcellent problem solving and analytical skills.Strong written and verbal communication abilities.Ability to work effectively in high-pressure situations.Team oriented mindset with a proactive approach to learning and collaboration.Key Performance Indicators (KPIs)Mean time to detect (MTTD) and respond (MTTR) to incidents.Uptime and performance of SOC tools and technologies.Accuracy and completeness of incident documentation.Contribution to process improvement and automation.Working ConditionsOn-call availability for critical incidents.On-site work model based on organizational policies.#J-18808-Ljbffr