We are seeking a skilled and motivated SOC Security Engineer with cloud and on-prem expertise to join our team. As a SOC Security Engineer, you will be responsible for connecting customer log sources, adding and fine-tuning SIEM rules, responding to security incidents, and writing security scripts and playbooks. You will work in a fast-paced environment to ensure the security and integrity of our SOC infrastructure and services, with specific expertise in IBM QRadar and in our cloud-native platform, CYCL.
Key Responsibilities:
·Log Source Integration: Connect and configure customer log sources to ensure accurate and comprehensive logging for security monitoring. Write and tune parsing scripts for non-standard log sources.
·SIEM Rule Creation: Develop, implement, and fine-tune SIEM (Security Information and Event Management) rules and heuristics to detect security incidents and anomalies.
·Automation Script Creation: Develop and maintain Python automation scripts for incident response.
·Incident Response Expert Assistance: Provide expert guidance on investigating cloud and on-prem security incidents and collecting forensic evidence, analyzing root causes, and implementing remediation actions to mitigate security threats in both environments.
·Playbook Development: Write and maintain detailed security playbooks for incident response and mitigation processes.
·Customer Interaction: Work closely with customers on onboarding, incident response, and security improvement tasks.
·Collaboration: Work closely with the SOC analyst team and the R&D team to analyze security incidents and help develop the CYCL platform.
·IBM QRadar Expertise: Leverage in-depth knowledge of IBM QRadar to manage and optimize its use for threat detection and incident response.
·Documentation: Document security engineering actions, security incidents, findings, and forensic results to maintain accurate records for knowledge sharing, lessons learned, and compliance purposes.
Qualifications:
·Education: Education in cyber security and relevant certifications (e.g., CCSP, a DFIR certification, AWS Certified Security - Specialty, Microsoft Certified: Azure Security Engineer Associate) are a plus.
·Experience: Minimum of 3 years of experience in a SOC analyst, security engineering, or cloud security role.
·Technical Skills: Proficiency with SIEM tools, cloud and on-prem security tooling, and endpoint security solutions. Experience with incident response and security engineering in cloud and on-prem environments.
·Cloud Platforms: Experience with major cloud platforms such as AWS, Azure, and Google Cloud.