SOC Engineer

Job Title : Senior SOC Security Engineer

Location : USA (Remote)

Job Description: The Senior SOC Security Engineer will serve as a key technical expert within the Security Operations Center (SOC), responsible for leading the design, implementation, and optimization of security monitoring and incident response technologies. In this hands-on role, you will work closely with SOC analysts and other security professionals to enhance the organization s ability to detect, respond to, and mitigate security threats. As a senior engineer, you will also be responsible for threat detection and analysis, automation of security processes, and maintaining a strong security posture through continuous improvement of the SOC infrastructure.

In addition to handling high-level security engineering tasks, you will mentor junior SOC analysts and engineers, providing technical guidance and fostering a culture of continuous improvement. You will also serve as the SOC s subject matter expert for emerging threats, advanced persistent threats (APTs), and cutting-edge security technologies.

Primary Duties

• Engineer and implement security solutions that enhance the SOC s ability to prevent, detect, and respond to security incidents across cloud environments (AWS, Google Cloud Platform and Azure).
• Lead the design, deployment, and maintenance of security monitoring infrastructure, including SIEM, IDS/IPS, EDR, and firewalls.
• Develop and maintain detailed incident response playbooks and procedures, ensuring alignment with industry best practices.
• Provide expert analysis of security events, correlating data from various sources (network, endpoint, application) to gain a holistic view of potential threats.
• Assist in containment and remediation strategies for cyber incidents, coordinating with internal teams to ensure swift resolution.
• Mentor and provide guidance to junior SOC engineers and analysts, helping them develop their technical skills and grow in their roles.

Minimum Qualifications

• Bachelor s degree in Computer Science, Information Security, or related field.
• Minimum of 7+ years of hands-on experience in cybersecurity, with a strong focus on SOC engineering, threat detection, and incident response.
• Expertise in managing and optimizing SIEM platforms (e.g.,Sumo Logic), EDR tools, IDS/IPS, and firewalls.
• Hands-on experience in threat intelligence, threat hunting, and advanced log analysis for incident detection and response.
• Understanding of security frameworks and methodologies, such as MITRE ATT&CK, NIST, ISO 27001, or CIS Controls.
• Familiarity with cloud security tools and techniques for monitoring and securing workloads in AWS, Azure, or Google Cloud Platform environments.

Preferred KSA s

• In-depth knowledge of security operations, including SIEM, EDR, IDS/IPS, malware analysis, and vulnerability management tools.
• Experience working with cloud security technologies (AWS, Azure, Google Cloud Platform), including monitoring, logging, and incident response in cloud environments.
• Experience in developing and deploying automation scripts (e.g., Python, PowerShell) to perform routine tasks such as log analysis, threat detection, and incident response.
• Act as the technical lead in investigating, analyzing, and responding to complex security incidents and remediation efforts.
• Experience in evaluating new security technologies and making recommendations to enhance the organization s defensive capabilities.
• Hands-on experience in malware analysis, reverse engineering, and digital forensics.
• Experience in advanced log and network traffic analysis to identify security incidents, trends, and anomalous behaviors.
• Certifications such as CISSP, GCIH, GCIA, CEH, OSCP, or GIAC are preferred.