Associate SOC Engineer

Ensign is hiring !

Key Responsibilities

• Provide engineering supporting an SOC environment in areas relating to Advanced Analytics domain
• Approve junior engineer requests and assignment of work to the various junior engineers
• Plan work activities for engineering team and provide engineering support
• Plan, test and deploy patches for SOC systems
• Work with DevOps and SOC team to plan for developmental work
• Manage lifecycle of security log sources, including onboarding, modifying and decommissioning of log sources
• Perform data engineering to extract, transform, load for security monitoring
• Work with SOC team to plan and deploy new features and changes to the SOC environment
• Approve and review technical documentation for SOC environment
• Stand-by support after office hours for support issues
• Perform troubleshooting of issues in relation to SOC technologies within the SOC environment
• Monitor service levels of issues and manage escalate issues to Subject Matter Experts when necessary

Qualifications

• Diploma or Bachelor’s Degree in Information Technology
• Working experience with qualification in IBM Qradar, Splunk or equivalent
• 2-3 years of experience in SOC technologies such as SIEM, SOAR or TIP
• Knowledge of SIEM products such as Crowdstrike, Google, IBM, Microsoft and Cisco is preferred.
• Good Linux and network fundamental knowledge
• Regular expression knowledge is required
• Knowledge of scripting languages such as Python, PowerShell and Bash will be an advantage
• Good communication and written skills
• Positive working attitude
• Passionate in information security