We are seeking a Tier 2 SOC Engineer with hands-on experience using OpenText security tools (SIEM, SOAR, IDAM, BasicSOC, and PAM). In this role, you will handle escalations from Tier 1, perform in-depth investigations, develop remediation strategies, and collaborate with cross-functional teams to ensure a robust security posture.
Key Responsibilities
Incident Investigation & Response
Triage and analyze security alerts from OpenText SIEM (Security Information & Event Management) and OpenText SOAR (Security Orchestration, Automation, and Response).
Conduct root cause analysis, log analysis, and troubleshooting to resolve security incidents promptly.
Create and maintain SOPs for incident handling, ensuring consistent procedures and swift remediation.
Access & Privilege Management
Manage OpenText IDAM (Identity & Access Management) for user provisioning, deprovisioning, and policy enforcement.
Use OpenText PAM (Privileged Access Management) for credential vaulting, rotation, session recording, and auditing.
Enforce BasicSOC controls and processes to maintain consistent security and compliance standards.
Automation & Scripting
Develop or refine automation scripts (in PowerShell, Bash, or JavaScript) to streamline repetitive tasks and integrations.
Integrate security platforms with Active Directory (AD), SAP, Linux systems, and other IT environments to enhance threat detection and response.
Reporting & Analysis
Prepare weekly and monthly ROI presentations, highlighting notable incidents, resolution times, and overall SOC performance.
Communicate risk insights and recommendations to both technical teams and management.
Compliance & Best Practices
Maintain awareness of industry standards (e.g., ISO 27001, NIST) and ensure alignment with compliance requirements.
Regularly update your knowledge of cybersecurity attacks, staying ahead of emerging threats and tactics.
Collaborate with stakeholders to improve security policies, procedures, and training initiatives.
Preferred Skills & Expertise
4+ years in a Security Operations Center or incident response role.
Scripting knowledge (PowerShell, Bash, JavaScript) for automation and integrations.
Experience integrating security tools with AD, SAP, Linux (or similar systems).
Proficiency with PAM components (credential vaulting, rotation, session recording, auditing).
Solid understanding of cybersecurity attacks, log analysis, incident response, and root cause analysis.
Familiarity with CISA guidelines or other relevant security frameworks.
Additional Qualities
Excellent problem-solving and debugging techniques.
Strong written and verbal communication skills for incident documentation and reporting.
Ability to work cross-functionally in a fast-paced, deadline-driven environment.
How To Apply
Please submit your CV and a brief cover letter to [email protected]. Mention “Tier 2 SOC Engineer – [Preferred Location]” in the subject line.