Security Operation Center Engineer

We are seeking a knowledgeable and driven SOC Engineer to join our expanding Detection & Response Team. This position is key to advancing our ability to monitor, detect, and respond to security threats. As part of the team, you will work with Elastic solutions, integrate diverse data sources, and leverage cloud environments to enhance our threat detection capabilities.

This role provides an excellent opportunity to grow in technical expertise, collaborate with a talented team, and make a meaningful impact by safeguarding our clients’ environments from cyber threats.

Your responsibilities

• Design and Deploy: Configure and maintain SIEM solution, ensuring optimal performance and seamless integration with log sources.
• Develop and Enhance: Create and fine-tune detection rules, correlation use cases, and dashboards to ensure comprehensive threat visibility.
• Collaborate and Support: Work closely with the SOC team to align SIEM capabilities with incident response requirements and refine detection methodologies.
• Optimize Log Management: Integrate diverse log sources, enhance log ingestion, and maintain data processing pipelines for efficiency.
• Leverage Cloud Expertise: Incorporate logs and telemetry from Azure, AWS, or GCP environments to provide robust cloud monitoring.
• Utilize Networking Knowledge: Support security operations by integrating IDS/IPS technologies and analyzing network telemetry.
• Document and Train: Maintain up-to-date documentation for configurations and integrations while mentoring junior team members.
• Innovate Continuously: Identify opportunities to streamline operations and enhance the SIEM platform’s capabilities.

Our requirements

If these points describe you, you will thrive in this role:

• You have experience working with(any of) ElasticSIEM, LogScale, Azure Sentinel or Qradarand are passionate about optimizing its use for advanced detection capabilities.
• Terms like log integration, IDS/IPS, cloud security, and detection engineering excite you, and you are eager to tackle these challenges daily.
• You understand how to integrate and optimize data from diverse sources, including network devices, cloud platforms, and endpoints.
• You stay updated on the latest trends in security technologies, frameworks, and best practices, ensuring your skills and knowledge remain cutting-edge.
• You are driven to contribute to a collaborative team environment and share your expertise with others.

Experience:

• At least 2 years of hands-on experience with mentioned SIEM or similar platforms (e.g., Splunk).
• Experience integrating and configuring IDS/IPS, firewalls, and other security technologies.

Technical Knowledge:

• Proficiency in log source integration from network, endpoint, and cloud environments.
• Familiarity with cloud platforms like Azure, AWS, or GCP.
• Understanding of network protocols, firewall configurations, and security frameworks (e.g., MITRE ATT&CK).

Soft Skills:

• Strong analytical skills and problem-solving abilities.
• Effective communication skills for both technical and non-technical stakeholders.
• A proactive mindset with a passion for collaboration and innovation.

What we offer

• The opportunity to work with cutting-edge technologies and methodologies in a dynamic SOC environment.
• Professional growth through access to training, certifications, and hands-on experience.
• A collaborative and supportive team culture that encourages continuous learning and innovation.
• Competitive compensation and benefits, including quarterly performance bonuses.

Benefits

1. Paid Time Off

• We offer 30 days of paid time off annually, in addition to public holidays, ensuring you have enough time to relax and recharge. This benefit supports a healthy work-life balance and helps you stay energized and productive.

2. Company-Sponsored Lunches

• We collaborate with a local restaurant to provide daily meals for our employees. Each day offers a diverse menu with approximately seven options, which changes weekly to ensure variety and satisfaction.

3. Professional Liability Insurance

• To provide peace of mind, we offer professional liability insurance, protecting employees against client claims in case of errors. This benefit significantly contributes to maintaining a positive work environment and mental well-being.

4. Conferences and Events

• Our team actively participates in numerous conferences, not only as attendees but also as speakers. There’s always an opportunity to engage and grow professionally.

5. Training Budget

• Continuous learning and certification are essential in our department. We fully support certifications - your professional development is a priority for us.

6. Quarterly Bonus

• All employees are eligible for a quarterly bonus, provided they meet key criteria such as independence, professionalism, proactivity in their roles, and adherence to SLA requirements.