Job Description

Sr. SOC Engineer

09-06-2026 23:46:44

Job_304281

5 - 10 years

  • Chennai, Tamil Nadu, India (CHN)

Position Summary

We are seeking a highly experienced and technically proficient Senior Security Operations Center (SOC) professional responsible for the engineering, optimization, and maintenance of the tools and infrastructure used to protect the organization from cyber threats.

The Senior SOC Engineer will be responsible for the design, deployment, management, and optimization of security tools and platforms. This role is critical in enhancing the organization's threat detection, incident response, and threat hunting capabilities. The ideal candidate will have deep technical expertise in a wide range of security technologies and a proven track record of building and improving SOC infrastructure.

Key Responsibilities

Security Tool Engineering & Management:

● Lead the design, implementation, and maintenance of core security platforms, including SIEM (Security Information and Event Management), EDR/XDR (Endpoint Detection and Response/Extended Detection and Response), SOAR (Security Orchestration, Automation, and Response), and Threat Intelligence Platforms.
● Develop and fine-tune SIEM correlation rules, dashboards, and alerts to reduce false positives and improve the effectiveness of threat detection.
● Integrate new log sources and threat intelligence feeds into the SIEM and other security tools.
● Assess existing security controls, identify gaps, and recommend improvements to the overall security posture.


Advanced Threat Detection & Hunting:

● Develop and implement proactive threat hunting methodologies and queries to identify undetected threats and anomalies across the network, endpoint, and cloud environments.
● Conduct in-depth analysis of security logs and network traffic to identify sophisticated attacks and adversary tactics, techniques, and procedures (TTPs).
● Stay current with emerging cybersecurity threats, technologies, and industry best practices.

Incident Response & Automation:

● Develop, implement, and maintain incident response playbooks and procedures, leveraging SOAR platforms to automate incident triage and response workflows.
● Perform forensic analysis on compromised systems to determine the root cause, scope, and impact of an incident.


Mentorship & Leadership:

● Mentor and provide technical guidance to junior SOC analysts and engineers.
● Develop training materials and conduct knowledge-sharing sessions to enhance the skills of the SOC team.
● Contribute to the strategic direction of the SOC, including the evaluation of new security technologies and the development of long-term goals.


Required Qualifications


Experience:

● Minimum 5 years of experience in a Security Operations Center, with a minimum of 3 years in a senior or engineering-focused role.
● Proven hands-on experience with SIEM platforms such as Splunk, IBM QRadar, Microsoft Sentinel, or Elastic Stack.
● Extensive experience with EDR/XDR solutions (e.g., CrowdStrike, Microsoft Defender for Endpoint, SentinelOne).
● Familiarity with cloud security concepts and experience securing environments in AWS, Azure, or GCP.


Technical Skills:

● Strong understanding of cybersecurity frameworks and models such as MITRE ATT&CK and NIST.
● Excellent problem-solving skills and the ability to think critically in high-pressure situations.
● High attention to detail and a proactive approach to security.

Education & Certifications:

● Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field, or equivalent practical experience.
● Relevant industry certifications such as GIAC certifications (GCIH, GCFA, GCTI), OSCP, CISSP, or vendor-specific certifications (e.g., Splunk Certified Architect) are highly desirable.


Soft Skills:

● Strong verbal and written communication skills with the ability to convey complex technical information to both technical and non-technical audiences.
● Ability to work independently and as part of a team in a fast-paced, dynamic environment.
