SOC Engineer Tier 2

About The Position

Requirements

• 6 + years of experience in security engineering to operate M365 and Azure platforms
• Security + certification
• Experience in Azure and M365 environments
• Good experience in a variety of SOC engineering/ administration tools
• Strong engineering analysis ability
• TS/SCI with CI Polygraph is required
• MSFT: SC-200, SC-900, AZ-900, AZ-500

Nice To Haves

• CySA+ is required within 6 months of joining the team
• Advanced Forensics skills to evaluate current malware and phishing threats.
• Familiarity with Microsoft Azure Sentinel and Microsoft Defender Suite
• Experience with SOC capabilities using tools like Azure Monitor, Azure Sentinel, Azure Automation, Azure Backup, Azure Security Center, etc.

Responsibilities

• Review environment scoping information and inventory to ensure a deep understanding of the organization's business, its applications, and technical solutions.
• Be well versed in the areas of focus on the security roadmap and have an understanding of how they will be implemented and impact the work that the Security Operations Center staff will have to take up.
• Provide the SOC with an understanding of the mapping between IT & organization security and how it relates to the responsibilities and tasking that the SOC has.
• Ensure that the SOC team is focusing on education based on preventative maintenance and roadmap capabilities.
• Participate in audit reviews to ensure that gaps in coverage are being addressed by the SOC team.
• Support the creation of reporting templates, explain how they are used and generated and the expectation regarding their cadence.
• Create a process where the reports are reviewed and feedback loops provide the ability to improve them.
• Specialize in SIEM configuration and maintenance.
• Responsible for building the security architecture and systems.
• Work with development operations teams to ensure that systems are up to date.
• Document requirements, procedures, and protocols to ensure that other users have the right resources.
• Work with customers on complex operational issues.
• Develops enterprise security architectures, frameworks, and standards; utilizes advanced forensics and integrates solutions with IT systems.
• Designs secure architectures, manages integration projects, leads strategic initiatives, and enforces policies and standards.
• Ensures integrity and scalability, develops comprehensive strategies, and optimizes solutions for performance and efficiency.
• Leads architectural teams, builds partnerships, manages knowledge, and communicates strategies and executive reports.
• Provides architectural consulting, leads innovation initiatives, evaluates enterprise technologies, and builds strategic partnerships.
• Handles daily alerts, incidents; monitors, tracks, analyzes and records.
• Work with other IT professionals to resolve fast moving vulnerabilities such as spam, virus, spyware and malware.
• Monitor security vulnerability information from vendors and third parties.
• Provide technical guidance / recommendations to clients to enhance their overall security posture within the managed products.
• Work with vendors, outside consultants, and other third parties to improve information security within the organization.
• Apply capabilities to IaaS and PaaS services such and VMs, Azure Service Environment ASE, Azure Kubernetes Service AKS, Spring Cloud, Azure Virtual Desktop, etc.

Benefits

• Employee Ownership
• Continuous Learning
• Inclusive Culture
• Mission-Driven Work