Security Engineer

Job description / Role

Employment: Full Time

Job summary:

The SOC engineer plays a critical role in ensuring the organization's cybersecurity posture is robust and resilient. The position is responsible for monitoring, analyzing, and responding to security events and incidents, maintaining security tools and technologies, and supporting continuous improvements to SOC operations.

Key responsibilities:

• Own and operate most important security solutions designed to protect the company from cyber threats and attacks.
• Lead in deploying new solutions and technologies to improve the security posture of the company.
• Continuous fine-tuning of our security solutions to reduce the occurrence of false positives and false negatives alerts.
• Act as L3 escalation point in analyzing and responding to security incidents from various security technologies and platforms.
• Perform platform health checks to ensure that our security solutions are operating effectively and efficiently.
• Drive continuous improvement to reduce threat dwell time in our environment through automation, process simplification, among others.
• Work closely with the penetration test team, cyber hunt team, threat intel, and other internal organizations to achieve the shared vision of improving the company's cybersecurity posture.
• Use tools to respond to incidents and actively improve the cybersecurity posture of the company.
• Develop the technical skills of the junior SOC analysts in the team to empower them to be more effective and efficient in their roles.

Qualifications:

• Bachelor's degree in computer science, cybersecurity, information technology, or a related field.
• Certifications such as CompTIA Security+, CEH, CISSP, or GIAC are highly preferred.

• 4 years of experience in SOC operations, cybersecurity, or a related field.
• Hands-on experience with SIEM tools, IDS/IPS, firewalls, and other security technologies.
• Proven track record in incident detection, analysis, and response.

• Strong understanding of networking protocols and concepts (e.g. TCP/IP, DNS, HTTP).
• Full knowledge of the following tools:
• NAC solutions
• SIEM solutions
• EDR solutions
• NDR solutions
• IAM (Identity and Access Management)
• PAM (Privileged Access Management)
• User behavior analysis
• Familiarity with forensic tools and methodologies.

• Excellent problem-solving and analytical skills.
• Strong written and verbal communication abilities.
• Ability to work effectively in high-pressure situations.
• Team-oriented mindset with a proactive approach to learning and collaboration.

Key performance indicators (KPIs):

• Mean time to detect (MTTD) and respond (MTTR) to incidents.
• Uptime and performance of SOC tools and technologies.
• Accuracy and completeness of incident documentation.
• Contribution to process improvement and automation.

Working conditions:

• On-call availability for critical incidents.
• On-site work model based on organizational policies.

Company Industry: Education

Apply Now