Sr SOC Engineer

We are seeking a dedicated and experienced Sr SOC Engineer to bolster our Security Operations and Incident Response capabilities. In this role, you will play a pivotal part in fortifying our global Information Systems security infrastructure and responding effectively to potential security threats. Your responsibilities will encompass the daily operations of our security technologies, alongside proactive analysis, and response to security incidents. Collaboration with our Information Services team will be integral to maintaining and enhancing our organization's security posture and safeguarding our data assets.
About the Team:
As a valued member of our Security Operations team, you will advocate a pragmatic approach to proposing and implementing security solutions. You will actively contribute to the continual analysis of our security logs and posture to uphold our organization's security and situational awareness regarding potential threats.

What you'll do

• 1.      Security Monitoring and Analysis:
• Monitor security alerts and events from various sources, including SIEM (Security Information and Event Management) tools.
• Conduct in-depth analysis of security incidents to determine the scope, impact, and severity.


• 2.      Incident Triage and Investigation:
• Ability to identify abuse/ Fraud patterns on Cloud Platform
• Perform initial triage of security incidents, prioritizing and escalating as necessary.
• Conduct detailed investigations to identify the root cause of security incidents and recommend remediation actions.
• Collaborate with the team to mitigate and counteract threats.


• 3.      Threat Detection and Analysis:
• Utilize threat intelligence and analyse patterns to detect emerging cybersecurity threats.
• Collaborate with other SOC analysts and teams to improve detection capabilities.
• Investigate signs of compromise, utilizing your problem-solving skills and knowledge of cyber-attacks and data analysis (phishing, Ransomware, account compromise, DDOS)
• Zero-day attack analysis and control, Analyse end user system for attack related incidents and share RCA


• 4.      Incident Response:
• Assist in coordinating and executing incident response procedures.
• Strong understanding of cybersecurity concepts, attack vectors, and defence mechanisms.
• Analytical mindset and the ability to think critically under pressure.


• 5.      Documentation and Reporting:
• Document incident details, investigation, analysis findings, and response actions.
• Generate and communicate incident reports to relevant stakeholders.
• Preparing disaster recovery plans / tabletop exercise / PEN Test / weekly monthly metric reports


• 6.      Tool Management:
• Operate and manage security tools, including sumo logic, defender, Qualys, Sophos, O365, Phislabs, Litmos, Service desk, Jira, confluence, datadog
• Recommend improvements to enhance the effectiveness of security tools.
• Developing, configuring, and deploying monitoring tools and scripts for applications and systems
• Exposure on Terraform, Git, workflow




• 7.      Business Support:
• Participate in business and technology initiatives, contributing as an information security professional to define security-related processes and procedures.
• Engage in internal and third-party audits of the company’s information security policies, procedures, and operational duties, supporting remediation efforts as necessary.
• Collaborating with product development, information technology (IT) and architecture teams to evaluate and implement new services based on requirements.



• 8.      Projects:
• Coordinate and execute security projects aligned with the global security strategy, evaluating the security posture of the company and related data assets.
• Stay informed on the latest information security technologies, methodologies, and events, providing feedback on the security aspects or impact of non-security-related technology.
• Liaise with external vendors and service providers to ensure the efficacy of security solutions and services.

What you'll bring:

• Qualification:
• Bachelor’s degree (or equivalent experience) in Computer Science,
• Engineering, or related technical field.
• 5-8 years of direct information security experience in a global IT environment, with proficiency in at least 2 of the 10 security domains.
• Experince on public cloud technology (AWS ,Azure, GCP ) & some cloud automations
• Certification: CompTIA Security+, Certified Ethical Hacker (C|EH), CSAor equivalent are highly desirable.