SOC Engineer Tier 2

About The Position

Requirements

• 6 + years of experience in security engineering to operate M365 and Azure platforms.
• Security+ certification.
• Experience in Azure and M365 environments.
• Good experience in a variety of SOC engineering/administration tools.
• Strong engineering analysis ability.
• TS/SCI with CI Polygraph clearance is required.
• CySA+ is required within 6 months of joining the team.

Nice To Haves

• Provide technical guidance / recommendations to clients to enhance their overall security posture within the managed products.
• Work with vendors, outside consultants, and other third parties to improve information security within the organization.
• Advanced Forensics skills to evaluate current malware and phishing threats.
• Familiarity with Microsoft Azure Sentinel and Microsoft Defender Suite.
• Experience with SOC capabilities using tools like Azure Monitor, Azure Sentinel, Azure Automation, Azure Backup, Azure Security Center, etc.
• Apply these capabilities to IaaS and PaaS services such as VMs, Azure Service Environment ASE, Azure Kubernetes Service AKS, Spring Cloud, Azure Virtual Desktop, etc.
• MSFT: SC-200, SC-900, AZ-900, AZ-500 certifications.

Responsibilities

• Review environment scoping information and inventory to understand the organization's business, applications, and technical solutions.
• Understand the security roadmap and its impact on Security Operations Center (SOC) staff tasks.
• Provide the SOC with an understanding of the mapping between IT & organizational security and its relation to SOC responsibilities.
• Ensure the SOC team focuses on education based on preventative maintenance and roadmap capabilities.
• Participate in audit reviews to ensure gaps in coverage are addressed by the SOC team.
• Support the creation of reporting templates, explain their usage and generation, and define their cadence.
• Create a process for reviewing reports and implementing feedback loops for improvement.
• Specialize in SIEM configuration and maintenance.
• Be responsible for building the security architecture and systems.
• Work with development operations teams to ensure systems are up to date.
• Document requirements, procedures, and protocols for user resources.
• Work with customers on complex operational issues.
• Leverage advanced threat detection.
• Lead incident response.
• Implement security automation.
• Manage complex incidents.
• Conduct threat analysis.
• Lead audits.
• Implement process improvements.
• Deliver high-quality reports.
• Align practices with industry standards.
• Operate with high autonomy.
• Lead team projects.
• Collaborate cross-functionally.
• Mentor junior staff.
• Resolve conflicts.
• Provide strategic consulting.
• Lead improvement initiatives.
• Recommend advanced technologies.
• Manage vendor relationships.
• Handle daily alerts, incidents; monitor, track, analyze, and record security events.
• Work with other IT professionals to resolve fast-moving vulnerabilities such as spam, virus, spyware, and malware.
• Monitor security vulnerability information from vendors and third parties.

Benefits

• Employee Ownership
• Continuous Learning (Access to resources, training, and mentorship)
• Inclusive Culture
• Mission-Driven Work