Senior SOC Engineer (Incident Response / GIAC)
Reporting into the Security Operations Centre Senior Manager, the role will develop and integrate the Incident Response (IR) / SOC security infrastructure to monitor both on premise and cloud environments.
The role will serve as a critical bridge between operations and engineering.
Responsibilities:
– Drive and improve continuous monitoring and incident response, serving as a senior resource in the SOC and Incident Response processes.
– Configure and integrate platforms, tools, service providers, and solutions into IR/SOC systems, and make recommendations as needed.
– Consolidate and improve security logging and monitoring solutions on premise and in the cloud to detect and respond to security threats in real time.
– Drive efforts to automate and accelerate the detection and response processes.
– Ensure integration of input from the deployed suite of security tools to SOC systems (e.g. SIEM/SOAR), including, but not limited to, IDS/IPS, End Point Protection, MDR/XDR, PAM, MFA, DNS Security, and cloud security posture management.
Required Skills / Experience:
– 8+ years of hands-on experience in information security related responsibilities with a strong focus on SOC engineering, incident response, and threat detection/hunting.
– In-depth knowledge of IR/SOC monitoring, alerting and investigation tools, platforms, processes, and architecture.
– Experience working with cloud security technologies (AWS, Azure DevOps, Kubernetes, GCP, etc.) including cloud log analysis, monitoring, detection, and incident response.
– Experience with SOC use of SIEM, SOAR, IDS/IPS, DLP, and Endpoint security.
Contact Detail:
DGH Recruitment Recruiting Team