Security Operations Center (SOC) Engineer
About The Position
We are seeking a motivated and experienced Security Operations Center (SOC) Engineer who will be responsible for improving the company security posture via automation and threat hunting. The ideal candidate will have a strong background in Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms, coupled with proficiency in Python scripting. This role is pivotal in enhancing our security posture by developing and implementing automated security workflows, tuning our detection capabilities, and responding to sophisticated cyber threats.
Requirements
- 6+ years of experience in a Security Operations Center (SOC) environment or a similar cybersecurity role.
- Hands-on experience with managing and configuring SIEM platforms (e.g., Elastic SIEM, Splunk, QRadar, Microsoft Sentinel).
- Demonstrable experience with SOAR platforms (e.g., Palo Alto Cortex XSOAR, Splunk SOAR) and playbook development.
- Proficiency in Python for scripting and automation of security tasks.
- Strong understanding of incident response methodologies, threat intelligence, and cybersecurity frameworks (e.g., MITRE ATT&CK, NIST).
- Excellent analytical and problem-solving skills with the ability to work effectively in a fast-paced environment.
Nice To Haves
- Relevant industry certifications such as CISSP, GCIH, or similar.
- Experience with cloud security and environmental constructs (AWS, Azure, GCP).
- Familiarity with other scripting languages (e.g., PowerShell, Bash).
- Knowledge of network and endpoint security solutions.
Responsibilities
- Maintain our SIEM and SOAR platforms to ensure optimal performance and effectiveness in detecting and responding to security threats.
- Develop and fine-tune detection and correlation rules, dashboards, and reports within the SIEM to accurately detect anomalous activities.
- Create, manage, and optimize SOAR playbooks to automate incident response processes and streamline security operations.
- Utilize Python scripting to develop custom integrations and automate repetitive tasks within the SOC.
- Build and maintain automation workflows to enhance the efficiency of threat detection, alert triage, and incident response.
- Integrate various security tools and threat intelligence feeds with our SIEM and SOAR platforms using APIs and custom scripts.
- Conduct proactive threat hunting to identify potential security gaps and indicators of compromise.
- Analyze security alerts and data from various sources to identify and respond to potential security incidents.
- Collaborate with Information Security team members and other teams to enhance the overall security of the organization.
- Create and maintain clear and comprehensive documentation for detection rules, automation workflows, and incident response procedures.
Benefits
- Health Care Plan (Medical, Dental & Vision)
- Life Insurance (Basic, Voluntary & AD&D)
- Paid Time Off (Vacation, Sick & Public Holidays)
- Training & Development
- Retirement Plan (401k, IRA)
- Free breakfast and lunch
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
Number of Employees
1,001-5,000 employees
