Senior Security Engineer

Qualys, Inc., Raleigh, NC

About The Position

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! As a Senior Security Engineer at Qualys, you will play a critical role within our Cyber Fusion Center, driving the design, engineering, and optimization of our defense platforms while leading key initiatives in security engineering, threat detection, and incident response to elevate our platform and corporate security monitoring capabilities.

You will lead the Incident Response (IR) program during US hours, coordinating with SecOps, Legal, and other internal teams at Qualys as the nature of each incident requires. You will serve as the primary point of contact for customer communications, initiate external investigations when necessary, and drive the end-to-end IR process to ensure timely and effective resolution.

Requirements

  • 5-8 years of experience in security engineering, incident response, or SOC operations.
  • Proven hands-on experience with SIEM, SOAR, and EDR/XDR platforms, log management, and threat intelligence integration.
  • Demonstrated ability to lead technical investigations and respond to complex security incidents.
  • Deep understanding of TCP/IP, Windows/Linux internals, and cloud environments (AWS, Azure, OCI).
  • Proficient in writing and maintaining scripts using Python, PowerShell, or Bash.
  • Experience with Elastic SIEM, malware sandboxing, and network packet analysis tools (e.g., Wireshark).

Nice To Haves

  • Experience working in a SOC, MSSP, or cyber advisory function.
  • Familiarity with scripting or data querying languages (e.g., Python, SQL).
  • Passion for learning and applying cloud security best practices (OCI, AWS, Azure).
  • Industry-recognized certifications (e.g., CISSP, GCIH, GCIA, GCFA).

Responsibilities

  • Design, onboard, and normalize data sources into the Elastic SIEM platform.
  • Engineer and optimize log ingestion pipelines to improve search performance and query efficiency.
  • Develop advanced detection rules mapped to the MITRE ATT&CK framework.
  • Continuously tune detection logic to minimize false positives and enhance signal-to-noise ratio.
  • Leverage scripting languages (Python, PowerShell, Bash) to automate evidence collection, enrich alerts, and streamline repetitive tasks.
  • Integrate threat intelligence feeds into SIEM/SOAR workflows to support proactive detection and response.
  • Lead and support technical investigations during security incidents across the enterprise.
  • Build and deploy automated response playbooks within SOAR platforms.
  • Collaborate with Legal, Compliance, and Customer teams during incident response cycles, ensuring consistent communication and transparency.
  • Generate comprehensive technical incident reports for internal and external stakeholders.


What This Job Offers

Job Type: Full-time
Career Level: Mid Level
Education Level: No Education Listed
Number of Employees: 1,001-5,000 employees

© 2024 Teal Labs, Inc