Sr. SOC Security Engineer II

The Senior SOC Security Engineer will serve as a key technical expert within the Security Operations Center (SOC), responsible for leading the design, implementation, and optimization of security monitoring and incident response technologies. In this hands-on role, you will work closely with SOC analysts and other security professionals to enhance the organization’s ability to detect, respond to, and mitigate security threats. As a senior engineer, you will also be responsible for threat detection and analysis, automation of security processes, and maintaining a strong security posture through continuous improvement of the SOC infrastructure.

In addition to handling high-level security engineering tasks, you will mentor junior SOC analysts and engineers, providing technical guidance and fostering a culture of continuous improvement. You will also serve as the SOC’s subject matter expert for emerging threats, advanced persistent threats (APTs), and cutting-edge security technologies.

1. Engineer and implement security solutions that enhance the SOC’s ability to prevent, detect, and respond to security incidents across cloud environments (AWS, GCP and Azure).

2. Incident Response & Threat Hunting: Lead investigations into complex security incidents, perform root cause analysis, and proactively hunt for threats using tools like MITRE ATT&CK framework.

3. Develop and maintain detailed incident response playbooks and procedures, ensuring alignment with industry best practices.

4. Provide expert analysis of security events, correlating data from various sources (network, endpoint, application) to gain a holistic view of potential threats.

5. Assist in containment and remediation strategies for cyber incidents, coordinating with internal teams to ensure swift resolution.

6. Mentor and provide guidance to junior SOC engineers and analysts, helping them develop their technical skills and grow in their roles.

• Bachelor’s degree in Computer Science, Information Security, or related field.

• Minimum of 7+ years of hands-on experience in cybersecurity, with a strong focus on SOC engineering, threat detection, and incident response.

• Expertise in managing and optimizing SIEM platforms (e.g.,Sumo Logic), EDR tools, IDS/IPS, and firewalls. Deep knowledge of networking, security protocols, and cloud platforms (AWS, Azure).

• Hands-on experience in threat intelligence, threat hunting, and advanced log analysis for incident detection and response.

• Understanding of security frameworks and methodologies, such as MITRE ATT&CK, NIST, ISO 27001, or CIS Controls.

• Familiarity with cloud security tools and techniques for monitoring and securing workloads in AWS, Azure, or GCP environments.