We are looking for a highly skilled Senior SOC Engineer to lead security monitoring, incident response, detection engineering, and vulnerability management initiatives. This role requires strong hands-on expertise in SIEM/XDR, threat hunting, and risk-based vulnerability management.
Key Responsibilities
Security Monitoring & Incident Response
Lead security incident investigations and provide technical expertise
Perform real-time monitoring across SIEM, XDR, NDR, OT & cloud platforms
Conduct root cause analysis (RCA) and document lessons learned
Coordinate containment, eradication & recovery activities
Ensure SLA & KPI adherence

Detection Engineering & Use Case Management
Develop and tune SIEM/XDR correlation rules aligned with MITRE ATT&CK
Reduce false positives & enhance detection coverage
Implement advanced use cases (ransomware, insider threats, APTs, data exfiltration)
Log source onboarding, parser development & normalization
Optimize alert thresholds and detection logic

Vulnerability Management
Lead end-to-end vulnerability lifecycle (discovery → remediation validation)
Risk-based prioritization using CVSS, asset criticality & business impact
Correlate vulnerabilities with threat intelligence
Validate remediation via rescans & penetration testing support
Develop executive dashboards & risk exposure reports

Threat Hunting & Intelligence
Conduct proactive hypothesis-driven threat hunting
Integrate threat intelligence feeds into SIEM/XDR
Track emerging TTPs and refine detection strategies
Support adversary simulation exercises

Reporting & Stakeholder Management
Vulnerability tracking & SLA breach reporting
Monthly risk & trend analysis
Patch compliance & remediation validation reporting
Audit & compliance documentation support

Education
Bachelor's degree in Cybersecurity, Information Security, Computer Science, or related field

📜 Mandatory Certification (Any One Required)
Tenable Certified Nessus Professional (TCNP)
Tenable Certified Security Center (TCSC)
Qualys Certified Specialist – VMDR
Qualys Certified Specialist – Web Application Scanning (WAS)

Preferred Certifications
CEH
Microsoft Certified: Security Operations Analyst (SC-200)
OSCP

💡 Required Skillset
Hands-on SIEM, XDR/EDR, NDR, SOAR & cloud security monitoring
Strong understanding of MITRE ATT&CK & threat hunting
Full vulnerability lifecycle management expertise
SOC use case tuning & automation
Knowledge of ISO 27001, NIST CSF frameworks
Experience with Tenable, Qualys, Rapid7, Acunetix, Burp Suite
Basic scripting (PowerShell / Python / KQL / SPL)
Strong reporting & stakeholder communication skills