SOC Engineer

Overview

Job Description

Job Description: The SOC Platform Engineer with a minimum of 5 years of total experience to oversee the administrative functions of Threat Intelligence Platforms and other solutions within our Security Operations Center (SOC). In this role, you will manage and administrate the day-to-day operations of numerous SOC systems, ensuring effective integration and alignment with our security objectives. This includes user access and performance monitoring, while collaborating with technical teams to implement enhancements that improve our security posture. Additionally, you will maintain comprehensive documentation of processes and procedures and monitor the effectiveness of threat intelligence initiatives, providing insights for optimization. Strong organizational and communication skills are essential, as you will work closely with diverse teams to ensure the SOC operates efficiently and effectively in safeguarding the organization against cyber threats.

Responsibilities

Responsibilities:

• Threat Intelligence Platform Management: Manage and maintain enterprise and open-source threat intelligence platforms and solutions, including configuration, optimization, and integration with other SOC tools.
• Threat Intelligence Consumption: Manage the ingestion and consumption of threat intelligence in the TIP, ensuring information is available and correctly organized for analysis.
• Threat Intelligence Dissemination: Manage the integration and dissemination of threat intelligence feeds into the SOC internal and external environment, ensuring compatibility with existing tools and workflows.
• Integration with SOC Tools: Collaborate with other SOC engineering teams to tightly integrate threat intelligence solutions with existing SOC tools (SIEM, SOAR, EDR, NDR) and workflows for enhanced threat detection and service excellence.
• Automation Development: Develop and implement automation scripts and processes to streamline the collection, normalization, and dissemination of threat intelligence data.
• Customization and Enhancement: Customize and enhance threat intelligence platforms to meet the specific requirements of the SOC, including the development of custom parsers, connectors, and integrations.
• OS, Network, and API Skills: Leverage your strong technical skills in operating systems, networking, and APIs to troubleshoot and resolve any issues related to Threat Intelligence platforms (TIP), Network Detection and Response (NDR), and other systems.
• Threat Intelligence Analysis Support: Provide day to day support to threat intelligence analysts by ensuring they have access to relevant threat feeds and assisting in the analysis and interpretation of threat data.
• Performance Optimization: Continuously monitor, optimize, and report on the performance of threat intelligence solutions, identifying and resolving any issues or bottlenecks.
• Documentation and Reporting: Maintain comprehensive documentation of threat intelligence platform configurations, processes, and procedures. Generate regular reports on threat intelligence activities and findings for stakeholders.
• Collaboration and Knowledge Sharing: Collaborate with other SOC engineering teams to share knowledge, best practices, and lessons learned in threat intelligence management. Provide training and guidance to junior engineers as needed.
• Participate in special projects as needed to support the evolving needs of the Security Operations Center (SOC).
  
  

Skills

• Solid understanding of cloud platforms (AWS, Azure, Google Cloud) and their services.
• Solid knowledge of operating systems (Windows, Linux, macOS) and their security configurations.
• Thorough understanding of network protocols, architecture, and security
• Eager learner with strong analytical and problem-solving abilities.
• Proficiency in scripting languages (e.g., Python, Bash) for automation.
• Deep understanding of API design, development, and integration.
• Experience with microservices architecture and containerization technologies (e.g., Docker,
• Kubernetes).
• Ability to collaborate effectively with a variety of team members, including interfacing with customers to resolve issues.
• High proficiency in written and verbal communication
  
  

Qualifications

• Bachelor’s or master’s degree in computer science, Information Technology, or a related field.
• At least 5 years of experience in Systems Engineering in complex environments.
  
  

Certifications (preferred)

• Cloud-related certifications like AWS Certified Solutions Architect - Associate, Google Professional Cloud Architect - Associate, or Microsoft Certified: Azure Administrator Associate.
  
  

Networking certifications such as CCNA or CCNP are advantageous

Job Details

Role Level: Mid-Level Work Type: Full-Time Country: United Arab Emirates City: Abu Dhabi Company Website: https://cpx.net/ Job Function: Information Technology (IT) Company Industry/

Sector: Computer and Network Security

What We Offer

About The Company

Searching, interviewing and hiring are all part of the professional life. The TALENTMATE Portal idea is to fill and help professionals doing one of them by bringing together the requisites under One Roof. Whether you're hunting for your Next Job Opportunity or Looking for Potential Employers, we're here to lend you a Helping Hand.

Report

Disclaimer: talentmate.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at [email protected].